How Content Level Security and Dynamic Release Management interact

Content Level Security (CLS) has default settings for new Versions, allows access in cases of mixed security settings, and has restrictions that ensure visibility across parent-child Libraries.

Default settings for Versions

The default setting of a new Version is Read-write access for the group Everyone.

When you create a new Version, the default settings are applied.

When you clone a Version, the Version's security settings are also cloned.

Access to shared content with mixed security settings

If content is shared across multiple Versions with different security settings, the most permissive settings prevail. In other words, if a user has access to any Version that contains the content, the user has access to that content.

Content is shared when the same instance of an object is reused across multiple Versions. For example, if the same instance of an object is reused across Version 1, Version 2, and Version 3 and a user has access only to Version 3, the user has access to the object.

Therefore, this does not apply to maps because the same instance of a map cannot be reused across Versions. Maps always have a separate instance per Version.

Visibility of content across parent-child Libraries

When users have visibility into a Library, they always have visibility into any child Libraries. This ensures that security settings do not create visibility gaps or broken links.

It's not possible to accidentally give access to a parent Library while hiding content in a child Library. If a group has Read-write access or Read-only access to a parent Library, IXIASOFT CCMS prevents you from giving the group no access to any child Libraries. At minimum, the group must have Read-only access to the child Libraries.

The restrictions do not guarantee that users have the same level access to child libraries. Users can have Read-write access to a parent Library and Read-only access to a child Library. The restriction applies only to visibility, not the ability to edit.

For example, assume you have Library A and its child Library named Library B. If a group of users have Read-write access to the content in Library A, when you set security on the libraries, the system ensures that the users have at least Read-only access to Library B.