When you create asset groups (or edit them) or when you create roles (or edit them), you can select the actions users in a role can take with the asset group. Users can be allowed to view, order, edit, and delete assets in asset groups, you can require order approval, or you can customize asset group permissions. Assets can be assigned to more than one asset group, and users can have different permissions for different asset groups.
- View: Allow users to view only assets in the asset group that have been released or are approved for use.
- View+: Allow users to view all assets in the asset group regardless of whether or not they have been approved for use.
- Order: Allow users to order only the assets in the asset group that have been released or are approved for use.
- Order+: Allow users to order all assets in the asset group regardless of whether or not they have been approved for use.
- Order Approval Required: Require users to receive approval from you before they can receive ordered assets.
- Edit: Allow users to edit any asset in the asset group.
- Delete: Allow users to delete any asset in the asset group.
For example, you could create these asset groups based on security needs of a group of similar assets:
- Public: Assets are available to all users with permission to view and order them (View, Order).
- Marketing: Assets are available to be edited, viewed, and ordered by users in the marketing role (Edit, View+, Order+), but can only be viewed by users in all other roles (View).
- Executive: Assets can be viewed and ordered only by users in the executive role (View, Order).
Assign asset group permissions
Assets can be included in one asset group or more than one. Users interact with assets based on asset group permissions you've assigned, whether assets are included in one or more asset group. If an asset is assigned to more than one asset group, asset group permissions are cumulative.
To be able to view assets in any asset group, users must have the View Active Assets permission enabled. The permission must be enabled for each asset group users need to see. Active assets have been released and are approved for use.
To be able to perform other actions for an asset group, users must have any of the other asset group permissions plus the View Active Assets permission.
Permissions for certain features must be enabled at the asset group level.
Asset group permissions example
Here's an example of how permissions for assets in two asset groups - Asset Group A and Asset Group B - can be set up.
A user has different permissions for each of these asset groups. In this example, we assume that you've enabled the View Active Assets permission for the user for both asset groups.
For Asset Group A, these permissions are enabled:
- Edit Assets' Metadata, Type, and Preview
- Add Assets
- Remove Assets
For Asset Group B, these permissions are enabled:
- Release Assets
- Expire Assets
An asset is in Asset Group B. The user can expire and release the asset and add it to Asset Group A.
If the user adds the asset to Asset Group A, they can now:
- Edit the asset's metadata and set and remove alternate previews
- Remove the asset from Asset Group A
- Release the asset
- Expire the asset
The user gains permission for the asset because the asset was added to Asset Group A, a group the user has greater permissions for. When an asset is included in multiple asset groups, users will have any permission that applies to any asset group the asset is included in.