User management

Provides operations for cretating new users, updating users, deleting users and set/get user-group memberships. Each user is identified by a GUID. There is one built in user that can not be deleted/disabled:

  • admin, Administrator, "00000000-0000-0000-0001-000000000001".

Group management

Provides operations for cretating new groups, updating groups, deleting groups and set/get group-user memberships (same as user-group membership, but from the opposite perspective). Each group is identified by a GUID. There are some built in users that can not be deleted:

  • Administrators, 00000000-0000-0000-0000-000000000001
  • ProjectManagers, 00000000-0000-0000-0000-000000000002
  • Translators, 00000000-0000-0000-0000-000000000003
  • Terminologists, 00000000-0000-0000-0000-000000000004
  • Everyone, 00000000-0000-0000-0000-100000000000

Permission management

Provides operations for setting and getting permissions for server objects. Server objects can be of the following types: TM, TB, Corpus, server project and light resources.

Each permission assignment has the following attributes:

  • ObjectGuid: The guid of the object (TM/TB/Corpus/light resource) the permission is related to.
  • GuidOfUserOrGroup (or Sid): The GUID of the user or group the permisson is related to. If a permission is assigned to a group, all users in that group inherit the permission.
  • PermissionId: an integer representing the permission. Valid values are the following:
    • For TMs:
      • 1: Lookup - Users can perform lookup on the TM
      • 2: Update - Lookup plus users can add new entries and update existing ones.
      • 1000: Admin - Update plus users can edit the TM and set permissions on it.
    • For TBs:
      • 1: Lookup - Users can perform lookup on the TB
      • 2: Update - Lookup plus users can add new entries and update existing ones.
      • 3: Review - Modify plus users can perform review operations on a reviewable TB.
      • 1000: Admin - Review plus users can edit the TB and set permissions on it.
    • For Corpora:
      • 1: Lookup - Users can add corpus to porject and can lookup results in translation grid
      • 2: MassLookup - Lookup + batch lookup for statistics and pre-translate
      • 3: View - MassLookup + access to documents and open documents for view only
      • 4: Edit - View + edit documents
      • 5: Approve - Edit + approve documents
      • 1000: Admin - Approve + change permissions for the corpus, delete the corpus remove the corpus from the server, add/remove documents from the corpus, change readonly attribute, change corpus properties, unpublish
    • For light resources:
      • 1: Use - Users can use the resource, but can not change it.
      • 2: Change - Use + users can change the resource (e.g its content and properties)
      • 1000: Admin - Change + change permissions for the resource, delete, clone, import and export the resource.

Working with the memoQ client application a user can set permissions on an object if:

  • he/she is a member of the Administrators group
  • or he/she is a member of the Project Managers group and has Admin right on the object.

When accessing the memoQ Server API the caller (as a service user) is virtually added to the Administrators group so no restrictions apply. This behavior can be changed if required.

Permissions in Server Projects

It should be noted that special permissions apply (besides global permissions) when a user is connected to a server project from memoQ Client based on his/her server project role. This topic will be covered in the Server Project webservice interface specification.