How to Restrict Access to Resources
Publishers can designate which users see which records according to the Access Policy configured by the geoportal's host organization. Access is controlled at the resource level through the Administration user interface.
Restricting user access to resources only restricts who can see the resource. It does not determine user access to the actual data/web service itself.
There are three types of security configurations in the geoportal. Each is described below, with instructions for how to set the access level for a resource if the geoportal's host organization has chose that Access Policy.
- Unrestricted: If the Access Policy is set to Unrestricted, then all approved or reviewed records in the geoportal are searchable for all users. In the Administration tab, there is no column for Access in the table of resources.
- Public-Protected: If the Access Policy is set to Public-Protected, then all resources by default are public to all users, unless the resource is restricted to one specific group, predefined in the geoportal configuration. This means that if you are a user in that specified group, you will see restricted resources that users who are not in your group will not see. If you are a publisher, you can set the access level of your resource to Restricted, which will make it visible only to this group. On the Manage Resources page, you'll notice a column in the table of resources titled Access. To set a resource's access level, check the checkbox next to the resource and select Set Access Level from the dropdown list above the table. Two radial buttons appear, and there you can determine if the resource should be Unrestricted (all users can see the resource) or Restricted (only the specific group configured by the host organization can access it).
- Restricted: If the Access Policy is set to Restricted, then different groups can access different resources. For example, Resource A can be restricted for access by Group 1 and Group 2, while Resource B can be restricted for access only by Group 3. This is different from the Public-Protected model because there can be different groups accessing different records. If you are a publisher, you can designate which groups should see your resource by going to the Administration tab, checking the checkbox next to the resource, and selecting Set Access Level from the dropdown list above the table. A list of groups defined in the host organizations directory. The publisher checks the boxes next to the groups that should have access to the resource. The resource will not appear in search results if a user doing the search does not belong to that group.