Configure Designer Access
Once you have installed VertiGIS Studio Access Control, a user of type Creator can sign in to designer. Creator users can see a list of all the servers, however only ArcGIS Organization Administrators are able to manage permissions for each server. The permissions for each server are configured in the roles.json file.
The roles.json file already contains the configuration for administrators. However, you may want to also configure rules for the following levels:
Group Configuration
To allow members of an ArcGIS group to manage permissions
-
Find or create an ArcGIS group for the users that you want to manage permissions for.
Make sure any users of type Creator, that you want to manage permissions for, are added to the group.
-
Make note of the group ID.
-
Open the
roles.jsonfile.By default,
roles.jsonis located inC:\ProgramData\Geocortex\Access Control\config\access-control -
Locate the admin object.
-
Add the group configuration to the admin object's rules array. Use the following as an example:
CopyGroup Configuration
{
"id": "_admin",
"type": "admin",
"rules": [
{
"id": "bdce99a40f3047f892eacb4d5285d742",
"type": "role",
"action": "assign",
"index": 1
}
]
}In this case, bdce99a40f3047f892eacb4d5285d742 is the ArcGIS group ID.
-
The rules element accepts multiple entries. Additional rules can be added to the existing
adminobject. Add additional groups if necessary. -
Save your changes to the file.
Changes to
roles.jsontake effect immediately upon save.
User Configuration
Configuring permissions by group is preferred over configuring permissions by user.
To specify which ArcGIS users may manage permissions:
-
Open the
roles.jsonfile.By default,
roles.jsonis located inC:\ProgramData\Geocortex\Access Control\config\access-control -
Locate the admin object.
-
Add the user configuration to the admin object's rules array. Use the following as an example:
CopyUser Configuration
{
"id": "_admin",
"type": "admin",
"rules": [
{
"id": "user1",
"type": "user",
"action": "assign",
"index": 1
}
]
}In this case, user1 is a placeholder for the ArcGIS username.
-
The rules element accepts multiple entries. Additional rules can be added to the existing
adminobject. Add additional groups if necessary. -
Save your changes to the file.
Changes to
roles.jsontake effect immediately upon save.
Configure Designer Access to Non-Federated ArcGIS Servers
Once you have installed VertiGIS Studio Access Control, only the ArcGIS user that ran the Post Installer will be able to see non-federated (token-secured and Windows-secured) ArcGIS Servers listed in the Access Control Designer Servers panel. The visibility of non-federated servers is controlled by the presence of ArcGIS items owned by the ArcGIS user that has signed in to the Designer. These items are automatically created for the user that ran the Post Installer, but not for other users in your organization. To allow other users to see the non-federated servers you need to duplicate these reference ArcGIS items.
To provide designer access to a non-federated ArcGIS Server:
-
Sign in to your portal as the user that wants to see the non-federated ArcGIS Server and open the Content page.
-
In My Content, click Add Item and select An application.
-
Configure the item using the following settings, and then click Add Item.
-
Type:
Web Mapping -
Purpose:
Ready to Use -
API:
JavaScript -
URL: Enter the URL of the non-federated ArcGIS Server's Web Adaptor.
For example:
https://server.domain.com/arcgis/ -
Title: For example:
VertiGIS Studio Access Control Non-Federated Server -
Tags:
gxac_server
-
-
Open the Access Control Designer and sign in to see the non-federated ArcGIS Server in the Servers panel.