360Agileweb

Content Hub tips & tricks: How to securely share your DAM assets with external users by leveraging collections – part 2

Background

On the previous post, I looked at how to securely share your DAM assets externally by leveraging collections. Among other things, we covered four options you can use to secure the asset collections. One of the options involved defining a permissions policies on M.Asset (model for your assets) based on M.Collection (model for your asset collections). However, this option seems to come with some nuances and will not work by default. I will carry on the conversation to demonstrate how to make this option to work.

Why doesn’t the policy definition work?

In simple terms, the above policy states that we would like to allow all assets belonging to our collection named “External” to be downloadable. Simple. But it doesn’t work.

But why?

This is because the “Inherits security” setting for the CollectionToAsset relation is turned off by default. In other words, this means security related metadata (from the parents towards the children) can not be inherited while this setting is turned off.

M.Asset is a child of M.Collection (as shown below in the schema details for M.Asset definition). To access M.Asset schema page, click on Manage -> Schema -> then search for M.Asset

How do I turn on “Inherits security” for the CollectionToAsset relation?

Short answer is you can’t modify this by yourself. You will need support from Sitecore Technical Support to make this change for you. Please note CollectionToAsset is a system relation and is locked down to Super users as well.

You can raise Sitecore Support Cases using the Support portal and request the team to enable the “Inherits security” on CollectionToAsset on your environments. This should be actioned swiftly after which your policy definitions can start to work as expected.

Next steps

In this blog post, we have looked at how to make user group permissions policies on M.Asset based on M.Collection work. We looked at nuances that make this not to work by default and how to resolve and get it working. I hope you find this useful for your similar use cases.

Stay tuned and please give us any feedback or comments.

Posted in productivity, Sitecore, Sitecore Content Hub, TroubleshootingTagged , , , , 2 Comments

2 thoughts on “Content Hub tips & tricks: How to securely share your DAM assets with external users by leveraging collections – part 2

  1. Pingback: Content Hub tips & tricks: How to securely share your DAM assets with external users by leveraging collections – part 1 – 360AgileWeb.dev
  2. Pingback: My Sitecore contributions in 2024 – 360AgileWeb.dev

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.