Roles and permissions
This section describes the access control model Uniform uses. Uniform manages users as part of a team. Roles are assigned to users.
Permissions are assigned to composition components to control which roles can create different compositions. Custom permissions enable more granular control over access to composition components. After configuring users and roles, team administrators can navigate to a composition component in Canvas, choose the permissions tab, and add role-based permissions to the component.
Users and API keys
Uniform functionality is always performed by either a user or an API key. Therefore, access control is applied to users and API keys.
- Access control is set on the project level. This enables a specific user or API key to be granted permissions on a per-project basis.
- Access control is granted in one of two ways: roles or custom permissions.
- If roles are used, the permissions assigned role(s) are granted.
- If custom permissions are used, the custom permissions are granted.
Roles
Roles are a reusable collection of permissions that can be assigned to users and API keys.
Only team admins can create, edit and delete roles.
Create role
You create a new user by inviting the person to Uniform.
In Uniform, navigate to Security > Roles.
Click the red (+) button.
Enter the role's name
Select the permissions you want to assign.
About this stepSee the roles & permissions reference for details about the individual permissions that are supported.
Click Add Role.
Edit role
Editing a role enables you to change the permissions for the role.
In Uniform, navigate to Security > Roles.
Click the name of the role you want to edit.
Select the permissions you want to assign.
About this stepSee the roles & permissions reference for details about the individual permissions that are supported.
Click Save.
Delete role
Deleting a role enables you to remove the role from your Uniform team.
- In Uniform, navigate to Security > Roles.
- Click the name of the role you want to delete.
- Click Delete Role.
- Click OK.
Default project roles
When a new project is created, the following roles are added by default:
- Developer
- Editor
- Viewer
Team admins can change or delete these roles. They are added for convenience and are not required in order for Uniform to function properly.
For information about the permissions granted to these roles, see the Roles & Permissions reference.
Composition permissions
You are able to assign permissions on composition components in order to control which roles are able to create, edit, and delete certain kinds of compositions.
If you are building a site with sensitive pages, such as those with legal information, you might want to restrict the ability to create these kinds of pages to certain users.
Assign permissions
Permissions must be assigned to a composition component to allow team members or APIs to work with compositions. Custom permissions can extend how permissions are applied. To grant Create and Read access to compositions, the user must also have "Manage Component Library" access. Also, if a role or API has read access to a composition that has been personalized, they will have read access to context elements.
In Canvas > Composition library, open a component that is marked as a composition component.
Navigate to the tab Permissions.
Turn off the option Use team permissions.
About this stepWhen this option is enabled, any user with permission Compositions Create can create compositions using the composition component. Disabling this option allows you to override this setting to prevent users from being able to use this composition component.
Click the red (+) button.
Select the role you want the permissions to be applied to.
Select the permissions you want to be applied:
Permission Description Read View compositions created using the component. Write Make changes to and publish compositions created using the component. Create Create new compositions using the component Delete Delete compositions created using the component. Click OK.
Click Save to save the changes to the component.
