We have created a custom view that we would like to only be visible to our content_admin role. Is there any way to control access to a view based on role?
Cindy
Workbench > UI Elements Design > Content Explorer > Views > Custom
Right click on the view you’re working with and choose Security > Add ACL Entry
The technique mentioned by Darrell applies only within the workbench, I assume you want visibility controlled in the browser.
There are a couple approaches, each with different tradeoffs.
The first approach is to use community visibility. Assign the view to a community within which only the content_admin role has membership. Now, when logged into that community, they will see the view in the CX, no one else will see the view. This may have a drawback if you have to create a special community to accomplish this.
A 2nd approach is to add security to the custom app backing the view. You can add a role to the app security so onlyl content_admin members can access the view. The drawback is that everyone will see the view, but if they click on it, an error would be returned.
Finally, you could tweak the app so that it returns an empty set unless the requester is a member of the appropriate role.
There is the “Read” attribute of the Security ACL of a UI element, as mentioned in my post, that affects availability in the Content Explorer.
You are correct that you can affect CX visibility in that dialog (I forgot you could edit community visibility there.) But only Runtime Access settings affect CX visibility, and only communities can be assigned runtime access permissions. You cannot add a role and assign Runtime access to it, only Design Access. Design access only applies within the workbench.
Well, look at that… I didn’t expect that you’d have limited ACL options for roles and users vs. communities for the UI elements, considering it’s the same UI for the security ACL that allows all three of those subjects. Who knew? Well, Paul Howard knew. kudos
Thanks for the responses! The view is already set up so that it is empty for users outside the content_admin role, so I will stick with Paul’s choice #3. I was just hoping for neatness’ sake that I could hide the view from non-admins.