...
| Info |
|---|
All ES specific roles are stored internally in the DB that is shipped with ES. The latter will not change even if an external LDAP were to be connected to the ES. |
- Internal/publisher - users in this role will be allowed to create new assets (i.e., an asset author would belong to this role).
- Internal/reviewer - users in this role are considered as the store reviewers. Every asset needs to be reviewed by a user in this role, before the asset is published into the ES Front.
- private_{username} - users’ private role. Every user in the ES are automatically associated with a role that is created by prefixing their username with
private_. This role is used to control per user permissions. Internal/everyone - This is a system reserved role to create system operations.
Info If you wish to prevent external operations being carried out by the Internal/everyone role, ensure to revoke operations from the role.
...