[CET] Access Model
[CET] trees have a model that controls who can access and modify tree data, and who can manage group and tree settings. The access model also controls which users and third-party applications can access the tree through the API.
[CET] Groups
Every [CET] is associated with a group. The group contains information such as user membership, user roles, and a code of conduct. Management of user membership is only available on the FamilySearch website.
User Roles
[CET] tree permissions vary based upon the role of the user. The following roles apply to the access of [CET] trees.
Owner: The user who initially created the [CET] tree.
Contributor: A user who has been invited to collaborate on the [CET] tree.
Co-Owner: A contributor who has been promoted by the owner to assist with managing the tree and contributors.
FamilySearch User: Any other FamilySearch user who has not been invited as a contributor to a tree.
[CET] Access Rights
The owner and co-owners have permission to manage the group, to invite other contributors, and to manage tree settings. Only the owner can delete the tree. The owner, co-owners, and contributors have permission to view, create, update, and delete all persons, relationships, and other data in the public and private space of the tree. Other FamilySearch users can view any data in the tree’s public space. For more information about public and private spaces, see the document [Family Tree System].
Table 1 – [CET] Access Rights by Role
| Owner | Co-Owner | Contributor | FamilySearch Users | |
|---|---|---|---|---|
| Manage Group | X | X | ||
| Invite Other Contributors | X | X | ||
| Manage Tree | X | X | ||
| Delete Group (and Tree) | X | |||
| Create, Read, Update, and Delete all Persons, Relationships, etc. | X | X | X | |
| View Persons, Relationships, etc. in Public Space | X | X | X | X |
[CET] Access via the FamilySearch API
A [CET] may or may not be accessible by a third-party application. API access settings are configured by the application that initially creates the tree. These settings determine which applications are allowed to access the tree through the FamilySearch API. The settings also determine which users can access the tree through the FamilySearch API.
The settings that control which applications and users can access the tree through the API are called 'ownerAccess' and 'groupAccess'.
The 'ownerAccess' setting specifies which third-party applications are allowed to access the tree by the owner of the tree. This setting has the following options:
- CompanyApps: the owner can access the tree only via apps from the company that created it.
- AnyApps: the owner can access the tree through any application.
The 'groupAccess' setting specifies which third-party applications are allowed to access the tree by any group member, including the co-owners, and contributors. This setting has the following options:
- None: No other group members can access the app through any application.
- CompanyApps: The group members can access the tree only via apps from the company that created it.
- AnyApps: The group members can access the tree through any application.
The Create CET example request shows how these attributes are to be set. The 'ownerAccess' and 'groupAccess' settings can be applied using the values documented by the ThirdPartyAccess data type.
Updated about 2 months ago