Configure permissions(配置权限)¶
There are three main types of permissions in Carbon:
- Administrator permissions, which permit promotion of Carbon workspaces and configuration of organization-wide Carbon settings
- Editor permissions, which permit editing of a specific Carbon workspace
- Viewer permissions, which permit the viewing and use of specific Carbon workspaces
Configure administrator permissions¶
Carbon administrator permissions are required in order to configure organization-wide settings in Carbon. This includes choosing which workspaces are promoted, customizing the appearance of the Navigation Menu, and enabling or disabling dark mode. Carbon administrator permissions are granted in Control Panel and can be configured independently for each Organization.
To grant Carbon administrator permissions to a group of users:
- Navigate to Control Panel (
workspace/control-panel), and select an enrollment to configure, if multiple enrollments are available. - Under Setting Up an Organization, select Assign organization permissions.
- Configure permissions with one of the following options:
- Search for the
User experience administratorrole and configure which groups and users should have this role. This will also grant permission for related admin workflows. - For more granular permissions, select New role, fill out the name and description, and add the
Manage Carbon workspacesworkflow.
Configure workspace editor permissions¶
To edit a Carbon workspace, a user must have at least edit access to the resource. You can locate, view, and manage permissions for the workspace resource in a Project; the workspace file location is selected when creating a new workspace, but you can also move an existing workspace to a different Project.
Editors can create and edit the home page and header menu bar for specific workspaces they have editor permissions on. Editing a Carbon workspace without promoting it enables iterating on a draft workspace.
Only a Carbon administrator can promote workspaces. Non-admin editors cannot determine which workspaces are displayed in the Navigation Menu, and even if a workspace is configured as the default workspace for a user group, it will not be displayed in the Navigation Menu if it is not promoted by an administrator.
Configure workspace viewer permissions¶
Users must meet the following requirements to be able to view a specific Carbon workspace:
- The user has at least view access to the workspace file.
- You can locate, view, and manage permissions for the workspace resource in a Project. The workspace file can be found in the location in which it was stored when it was created, or opened via the Access tab in the editor side bar.
- The workspace is promoted by a Carbon administrator for the organization to which the user belongs.
- Users with view permissions can still view the workspace if they have the exact URL to navigate to it, even if the workspace is not promoted.
:::callout{theme="neutral"} Note that providing access to a Carbon workspace is not equivalent to providing access to all the Workshop modules, objects, applications, and other resources displayed in the Carbon workspace. Access to these resources is determined independently from access to the Carbon workspace. :::
中文翻译¶
配置权限¶
Carbon 中有三种主要权限类型:
配置管理员权限¶
要配置 Carbon 中的组织级别设置,需要拥有 Carbon 管理员权限。这包括选择推广哪些工作区、自定义导航菜单的外观,以及启用或禁用深色模式。Carbon 管理员权限在 Control Panel 中授予,并且可以为每个 Organization 独立配置。
要向用户组授予 Carbon 管理员权限:
- 导航至 Control Panel(
workspace/control-panel),如果有多个注册实例(enrollment),请选择一个进行配置。 - 在 Setting Up an Organization 下,选择 Assign organization permissions。
- 使用以下任一选项配置权限:
- 搜索
User experience administrator角色,并配置哪些组和用户应拥有此角色。这还将授予相关管理员工作流的权限。 - 如需更精细的权限,请选择 New role,填写名称和描述,并添加
Manage Carbon workspaces工作流。
配置工作区编辑者权限¶
要编辑 Carbon 工作区,用户必须至少拥有对该资源的编辑权限。您可以在 Project 中定位、查看和管理工作区资源的权限;工作区文件位置在创建新工作区时选定,但您也可以将现有工作区移动到不同的 Project。
编辑者可以为其拥有编辑权限的特定工作区创建和编辑主页及标题菜单栏。编辑 Carbon 工作区而不进行推广,可以迭代草稿工作区。
只有 Carbon 管理员才能推广工作区。非管理员编辑者无法决定哪些工作区显示在导航菜单中,即使某个工作区被配置为用户组的默认工作区,如果未经管理员推广,也不会显示在导航菜单中。
配置工作区查看者权限¶
用户必须满足以下要求才能查看特定的 Carbon 工作区:
- 用户至少拥有对工作区文件的查看权限。
- 您可以在 Project 中定位、查看和管理工作区资源的权限。工作区文件可以在创建时存储的位置找到,也可以通过编辑器侧边栏中的 Access 选项卡打开。
- 该工作区已由 Carbon 管理员推广 至用户所属的组织。
- 拥有查看权限的用户即使工作区未被推广,只要拥有确切的 URL 导航至该工作区,仍可查看。
:::callout{theme="neutral"} 请注意,授予对 Carbon 工作区的访问权限并不等同于授予对工作区中显示的所有 Workshop 模块、对象、应用程序及其他资源的访问权限。对这些资源的访问权限独立于对 Carbon 工作区的访问权限进行确定。 :::