Add the ability as Portal administrators for restrict the types of content that users can create. In effect this would be splitting the Content > Create, edit and delete privilege in the roles to different types of content such as web maps, layers, apps (which might be further split into Story Maps, templates, web app builder etc).
The reasoning behind this is that we only want users to be able to use properly managed, authoritative apps built by the GIS team to meet a specific business requirement. Similarly we'd also prefer them to only use authoritative data layers that we've uploaded to avoid multiple copies of datasets popping up across the Portal.
We've been running our Portal for about six months with a small number of core apps for users to consume and we've restricted user roles to not allow any content creation. We're getting close to rolling out more functionality starting with the ability for users to add corporate layers into the map viewer and then save and share their own web maps.
There doesn't currently appear to be a way of doing this without opening up the ability to also create apps and upload their own data. There may well be future use cases where we're happy for them to do this but for now it's almost as if Portal offers too much advanced functionality for our users - we have to support and document all of this, how do you explain that there is this option to create different types of app but we'd actually prefer it if you don't use it?!
The best we can probably come up with for now is to restrict sharing of content only to certain groups (rather than organisation wide) and then do some kind of regular trawl through users' content directories to remove any items which are applications possibly using the Python API.
Thanks for your suggestion and the background on your organization! A quick question on the apps privilege: would you want any users (not on the GIS team) to be able to create apps but not share them to groups or the organization? Or, would you prefer they do not have the ability to create them at all.
In a future release, items in ArcGIS Enterprise can be marked authoritative (or deprecated) which may also be a helpful way of indicating which apps, layers are preferred for use in your organization.
If you want to chat further, please feel free to reach out! Hcurtis at esri dotcom.
Gareth and Hilary,
Our company IT department really wants this capability. In fact, they only want Admins of the Portal to be able to create Web Apps in particular the GIS Manager. The reason includes who becomes responsible for all that content and who verifies the accuracy of that data. So, I would go a step further and allow the publishing of content for personal project use, but not allow "Publishers" to create Web Apps for distribution.
I would be fine with them being able to create but not share apps. It would be nice if they could mock up what they want and then come to us, the GIS admins, for actual deployment, further customization, etc. Especially if they're to be public facing apps, we'd like the admins to have to be consulted so we can host the apps ourselves so they look more authoritative with a custom URL.
Thanks for your response. Ideally we'd want to completely stop them from creating any apps at all but the other option of allowing them to create but not share would be ok.
The authoritative button could be useful in the future too.
Thanks Gareth, Gerry and Chelsea for your feedback! Sounds like, separately, the ability to 1) create and 2) share apps would be needed here.
Glad to hear the authoritative badge may be helpful to identify items that have been vetted and cleared for use. At 10.6.1, apps that are part of the portal can be marked authoritative in the Settings tab on the item.
Thanks again for your feedback.
Hola, nosotros tenemos la misma necesidad, que expresan los compañeros sobre la versión 10.5.0, ¿ven posible hacer algo sobre ella sin recurrir a migraciones o esperar a futuras versiones.?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.