Select user criteria for a knowledge base

You can specify user criteria to control which users can create, read, write, and retire knowledge articles within a knowledge base.

About this task

User criteria refers to knowledge base records that determine the users who can read or contribute to a knowledge base. User criteria definitions:
canRead
users who can read all knowledge base articles
cantRead
users who cannot read, create, or modify articles in the knowledge base
canContribute
users who can read, create, and modify articles in the knowledge base
cantContribute
users who cannot create or modify articles in the knowledge base
No User Criteria

If a knowledge base has no user criteria, all users can read its articles. Any user having at least one role can create and edit articles, unless they are members of the cantContribute user criteria. If a knowledge base has canRead user criteria, but no canContribute user criteria, all users with at least one role can access and modify the knowledge base. This video demonstrates how to control Knowledge Management access through user criteria.

This video demonstrates how to control Knowledge Management access through user criteria.

Procedure

  1. Navigate to Knowledge > Knowledge Bases.
  2. Select a knowledge base you manage.
  3. Access one of these related lists, and then select or create user criteria records.
    OptionDescription
    Can read Users who meet one of these criteria can read articles in this knowledge base.
    Can contribute Users who meet one of these criteria can create and edit articles in this knowledge base.

Result

Table 1. Order of System Validation (L->R)
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
empty empty empty empty
  1. All Users with role -> Create
  2. All Users -> Read
empty empty empty User A
  1. All Users with role -> Create
  2. User A -> Read
  3. All Users with role -> Read
empty empty User B empty
  1. All Users with role -> Create
  2. All Users -> Read
empty empty User B User A
  1. All Users with role -> Create
  2. User A -> Read
  3. All Users with role -> Read
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
empty User C empty empty
  1. User C -> Create
  2. All Users -> Read
empty User C empty User A
  1. User C -> Create, Read
  2. User A -> Read
empty User C User B empty
  1. User C -> Create, Read
  2. User B -> Denied Read
  3. All Other Users -> Read
empty User C User B User A
  1. User C -> Create, Read
  2. User B -> Denied Read
  3. User A -> Read
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
User D empty empty empty
  1. User D -> Denied Create
  2. All Other Users with role -> Create
  3. All Users -> Read
User D empty empty User A
  1. User D -> Denied Create, Read
  2. All Other Users with role -> Create
  3. User A -> Read
  4. All Users with role -> Read
User D empty User B empty
  1. User D -> Denied Create
  2. All Other Users with role -> Create
  3. All Users -> Read
User D empty User B User A
  1. User D -> Denied Create, Read
  2. All Other Users with role -> Create
  3. User A -> Read
  4. All Users with role -> Read
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
User D User C empty empty
  1. User D -> Denied Create
  2. User C -> Create, Read
  3. All Users -> Read
User D User C empty User A
  1. User D -> Denied Create, Read
  2. User C -> Create, Read
  3. User A -> Read
User D User C User B empty
  1. User D -> Denied Create
  2. User C -> Create, Read
  3. User B -> Denied Read
  4. All Other Users -> Read
User D User C User B User A
  1. User D -> Denied Create, Read
  2. User C -> Create, Read
  3. User B -> Denied Read
  4. User A -> Read
Note: In the tables of rules, an implicit last rule is: All Users -> Denied Create, Read.