APPYnotebook

Access Control

Understanding Access Control

Access to resources within the workspace can be controlled in various ways. Access control is managed via user settings

Access control rules for binders are applied as follows.

READ access granted for a binder means that the user to whom that access has been granted would be able to see that binder under the name of the owner in the navigation panel. This does not grant read access to the content of this binder. It merely makes this binder visible to the member to whom this access is granted.

WRITE access currently has no meaning/effect.

Access control rules for pages are applied as follows.

READ access means content on a page can be viewed by users with this access.

READ access is additive, ie there must be READ on the binder as well as on the page.

WRITE access means user can create new content on this page. For instance a user would be able to draw on a white-board page. Typically this would also mean users can alter elements on the page.

Access control rules for elements are applied as follows.

Elements are the content of your pages. Every piece of content on a page is associated with an element. For instance a shape drawing would be represented by an element, an APP embedded on a page would be associated with an element, also the data that APPs produce may be associated with elements.

READ access means that the user to whom it is granted can view this element. It is possible that the page on which this element resides has READ access, if this element's READ is revoked then the user would not be able to view this element. In other words this access supersedes access granted at the page level.

READ access is additive, ie there must be READ on the binder,page as well as on the element.

WRITE access allows the member to whom it is granted to alter the attributes of this element. For instance an APP on a page may be resized or moved by a user who has WRITE access to this element. note that this access supersedes the access granted at the page level. In other words even if WRITE access has been granted at the page level, if this access is not granted then the user would not be able to alter this element.

WRITE access is additive, ie there must be WRITE on the page as well as on the element.

Elements by default inherit READ&WRITE access granted at the page level so there is no need to have to grant them explicit. However there are instances when they may need to be revoked explicitly. Also certain APPs need to selectively provide access to elements, for instance the grading APP doesn't grant access to grade elements except to the instructor and the person to whom a particular grade is assigned.

  1. Group Access Control
  2. Content Access Control

Group Access Control

Access to a group can be either public or by invite only. If a group is public, then any user can join the group given the group url. A group url can be derived from a page url.

Content Access Control

  • To view specific access granted to a user for your resources, select the user:
  • To grant (or revoke) access for a specific user, select the user and check the grant "To" checkbox then click the save button.
  • Note the user "Everyone" refers to everyone in the group. This is an easy way to grant (or revoke) access control to all members of the group. You can use this to give generic access and then grant specific access to specific users.