Managing the access of users is important as it can improve the security of XMPro Objects. Permissions are given to users only based on what they need to do, for example, someone who only needs to view something can be given read access. This can hide additional functionality that users do not need and also protect against unintentional tampering.
Whether or not you can design a particular data stream, application, or other XMPro Objects is determined by the permissions that you have on it. The person that originally created the XMPro Object will be listed as the owner and can never lose his/her right to access it unless it is deleted. Other users can then be assigned read or read-and-write access.
Granting permissions makes it easier for multiple users to collaborate on one particular XMPro Object. It also makes it easier to grant permissions to multiple users who are only allowed to view or read it without making changes, possibly to just give feedback or to discuss part of the XMPro Object.
The Owner has full permission to make any changes required to the XMPro Object. The owner is also allowed to give other users access or change the permissions of existing users.
The Co-Owner has full permission to make any changes required to the XMPro Object. The Co-Owner is also allowed to give other users or change the permissions of existing users, except removing or changing the Owner's permissions.
A person who has Write access will be allowed to view, edit, publish and unpublish the XMPro Object.
The Read permission will allow a person to view the XMPro Object, but making any changes to the XMPro Object will be prohibited.
XMPro Objects that have the ability to view them at runtime (Apps and Recommendations) have two tabs - Design Access and Run Access. Design access is as described for Manage Access above, and Run Access is where you can configure which Business Roles or Users have permission to view the runtime mode of the XMPro Object. If a Business Role is selected for Run Access, all descendent Business Rules and Users also have access.
Run Access for the ACME Company and David only
Business Roles are a hierarchical representation of the different areas of an organization. When managing access for XMPro Products, the Business Roles defined in Subscription Manager are used.
Business Roles are managed by the Administrator of a Company through the Users page.
All new users will automatically be added under the default 'All Employees' Business Role. Users can be moved, but not deleted from this list. A User can only be listed once underneath one Business Role.
When a user logs in, Subscription Manager will look at the value specified in this Claim and assign them to the Business Role with the same name.