Upload a media in a mediaset without seeing the other media?

Ask the Community
1

I have a mediaset, and I have multiple users using one application to upload new media (PDFs) into this mediaset.

Specific users should be able to see specific PDFs. All users should not see all PDFs.

To my understanding:

  • I can upload media to a mediaset via Action. As a user, I need to have mio:write-media-set to be able to upload a file to a mediaset (which is happening in the background).
  • To see the content of a mediaset, I can be viewer on the mediaset (mio:read-media-set)
  • To see a particular media, I don’t need to be viewer on the mediaset, but it is sufficient to be viewer on the object that contains the media-reference, which is backed by a restricted view.

As the Editor/Owner role grant mio:write-media-set and mio:read-media-set together, it seems like a user can’t upload new media without seeing all the existing ones.

Hence, questions:

  • How can a user upload new media without being granted editor/owner on the mediaset ?
  • Is the rest of the above correct ? (in particular the “restricted viewer” part)
2

If you set up restricted views on a dataset with a media reference column, users can see the media items as per the policy defined by the RV.
If you want them to be able to upload/write to the media set, they will need the mio:write-media-set and mio:read-media-set-metadata operations. You could define a custom role that contains those two operations (instead of mio:read-media-set). They won’t see the existing media items in this case.

Hope this helps!

3

Make sense. I was trying to evaluate if there is a solution that avoids a custom role, but seems there is none at the moment, at least. :slight_smile:

Thanks for the reply !

4

How can a user upload new media without being granted editor/owner on the mediaset ?

Currently, you would need to create a custom role with the mio:write-media-set and mio:read-media-set-metadata operations. You would then need to grant your users that role on the media set itself. We are looking into a way for this to be managed via submission criteria instead, but that is very far away.

Is the rest of the above correct ? (in particular the “restricted viewer” part)

The rest is correct, except for the fact that users will also need the mio:read-media-set-metadata operation for them to be able to upload files properly. The other requirement is that users will need Viewer permissions on the Restricted View, otherwise the upload will fail.

5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.