As described in the introduction to this chapter, task configuration files control access to the tabs, views, buttons and other pieces that make up the UI. Although you can use the task configuration file to control how users interact with data (for example, by removing buttons to prevent users from editing assets such as content groups), the data itself is visible to all users. Secured repositories, by contrast, control a user’s access to data, for example by hiding items from view if a user does not have the appropriate permissions.

The secured repositories feature provides item-level security through access control lists, which you use to grant and deny read, write, and other permissions to internal users. The restrictions can be applied by profile, role, or organization. You can also use secured repositories to manage access to item descriptors and individual properties.

Secured repositories can also provide high-level restrictions by hiding links in the Operations list on the Business Control Center home page as well as controlling access to workflows. For information, see the Managing User Access and Security chapter of the ATG Content Administration Programming Guide.

Exercise caution when configuring access to areas of the UI that allow users to search for items. Users may be able to search for a particular type of item, such as a content group, but no items of that type will be returned unless the user has appropriate access rights (view).