Universe/IDT Subfolder Security

Long time reader, first time poster and I’m hoping someone can point me in the right direction. Up to this point, only the BI team at our organization has had the ability to publish universes. We now have a situation where a super user in a group outside of the BI team needs to be able to retrieve/publish the universes that they have been developing to/from the repository. We want them to be able to publish/retrieve to a specific folder (instead of just the root of the Public folder) and we have never had the need to do this previously.

What would be the best practice to keep the BI team as administrators that have permission to retrieve/publish to any folder location and have the super user retrieve/publish to only their subfolder of the repository?

Any insight that can be provided is appreciated. Thanks!


bcr123psu (BOB member since 2019-04-05)

I’m going to assume that your developers are in a group called “Developers” and your new super user is in a group called “Super”. You also have a built-in group called “Universe Designer Users” which I will assume all of your developers and power users are in.

I would do the following:
At the top level of universes, give “Universe Designer Users” the View right, but for Object Only. This is necessary for users of UDT/IDT to be able to import or export to any subfolder.

Also at the top level of universes, give the “Developers” group Full Control (I’m assuming this is how you have it set up now).

Next, for the folder in question, give “Super” Full Control. This will give that group the ability to see and work with that folder only.


joepeters :us: (BOB member since 2002-08-29)

I’ll double check with our team and we can give this a rip. Thanks!


bcr123psu (BOB member since 2019-04-05)