Review Item Properties

The Content Browser includes a Properties button that opens a panel allowing [administrators and content managers]([Built-In Groups](/en/184iew the selected item fields, permissions and its Quick View (see Understanding Fields). The panel is useful for troubleshooting and ensure that items have the expected fields and values as well as the correct permissions so that restricted information can only be accessed by the authorized groups or members (see Coveo Cloud V2 Management of Security Identities and Item Permissions).

Fields Tab

The Fields tab provides more information about the item (see Understanding Fields). Each item comes with a certain number of fields that help you quickly grasp the item content.

Access the “Fields” Tab

  1. If not already done, log in to the Coveo Cloud platform as a member of a group with the required privileges to review content in the target Coveo Cloud organization.

  2. In the main menu on the left, under Content, select Content Browser.

  3. On the Content Browser page, search and select the card of the item for which you want to inspect properties.

  4. In the Action bar, click Properties.

    The [Item Title] properties panel opens. The panel title is the same as the selected item title.

  5. In the [Item Title] properties panel, click the Fields tab.

Search Fields

  1. Access the “Fields” tab.

  2. In the Fields tab, in the right section of the Action bar, click the Filter box.

  3. Type text to refine the list to only fields that contain a certain string or type the field name that you want to find.

    The filter automatically applies as you type.

Open the Item in its Original System

  1. Access the “Fields” tab.

  2. In the Fields tab, in the Value column, next to fields that have clickable URIs (when defined) as values, click the link to open the item in its original system.

Review Item Fields

The body of the Fields tab is essentially a table listing all fields defined on the item (see Access the “Fields” Tab and Understanding Fields). The available fields vary depending on the type of source as each type comes with built-in fields, and on the user-defined and system fields selected to be displayed in result cards (see Understanding Fields).

  • The top of the tab displays the Item Unique ID that uniquely identifies the item in the organization index.

    The Unique ID can be used when troubleshooting item permissions or fields, or when pushing items with API calls.

  • Fields column indicates the field name that was entered when creating the field, or the name of the built-in and system fields (see Adding and Managing Fields and Field Origins).

    Fields must meet the following requirements to be displayed in the column:

    • Contain a value (e.g., syslanguage is displayed only if the language of the item is recognized by Coveo Cloud).

    • Have the Displayable in results option selected in their configuration (see Add or Edit Fields).

  • Value column indicates the value for each field (see Understanding Fields).

Permissions Tab

The Permissions tab helps you review which users, groups, and virtual groups are associated with a specific item, and whether those security identities are allowed or denied to view the item in search results (see Coveo Cloud V2 Management of Security Identities and Item Permissions).

The top of the tab displays the item permission status:

  • A user must be explicitly allowed and not denied to view this item in search results.

    To view the selected item, a user must:

    • Be authenticated in the search page.

    • Have one of their security identities marked as allowed to access the item (see Basic Secured Search).

    • Have none of their security identities marked as denied to access the item.

  • All users can view this item in search results.

    This item is public (see Public Items and Anonymous Users). Users do not have to be authenticated to view this item. Anyone that can access your search page can also access this item.

  • All users can view this item in search results, except explicitly denied users.

    This item is public (see Public Items and Anonymous Users). Users do not have to be authenticated to view this item. Anyone that can access your search page can also access this item, except users that are explicitly marked as denied.

  • No user can currently view this item in search results. Review the Permission Details tab or contact Coveo Support to troubleshoot the issue.

    Users must be authenticated to access this item, but no permission on the item has been found.

</div>

The table contains the following columns and values:

  • Identity Provider Name

    The name of the security identity provider the Identity belongs to. You can see all identity providers on the Security Identities page (see Managing Security Identities).

  • Type

    The type of the security identity, which can be either User, Group, or Virtual Group (see Coveo Cloud V2 Management of Security Identities and Item Permissions).

  • Identity

    The name that uniquely represents the security identity.

    *@* is a group that contains all known users of the Email identity provider.

  • State

    The state of the security identity. The possible states are the following:

    State Details Action to take
    Not updated Security identity not updated yet. None. Wait for first automatic update (see Managing Security Identities). Contact Coveo Support if the update does not start after a few days.
    In error Last update failed with an error. Relationships of the security identity are cleared (see Note). Check Last update result for more information, solve issue, and update security identity again (see Last update result and Managing Security Identities).
    Out of date Last update failed, but the security identity has previously been updated successfully. Check Last update result for more information, solve issue, and update security identity again (see Last update result and Managing Security Identities).
    Disabled Security identity may have been deleted in the corresponding indexed system. Relationships of the security identity are cleared (see Note). None. Security identity will be re-enabled next time Coveo Cloud encounters it.
    Up to date Security identity successfully updated. No issue encountered. None.

    Clearing the relationships of a security identity means that the security identity cache deletes the links between a security identity that is disabled or in error and its associated parent security identities, child security identities, granted security identities, and aliases (see Security Identity Relationships). Users logging in to Coveo Cloud therefore do not receive this additional security identity.

    John Smith is a member of the Accountants and Finances Department groups. The Accountants group security identity is in error. When logging in to Coveo Cloud, John Smith receives the Finances Department group security identity as an additional security identity. However, since the relationship between his user security identity and the Accountants group security identity has been deleted, he cannot access items that the Accountants group is allowed to access, unless his user security identity or the Finances Department group security identity is also allowed to access them. John Smith’s search results are therefore the same as they would be if he was not a member of the Accountants group in the original enterprise system.

    In other words, when the most recent information regarding a security identity is lacking, Coveo Cloud does not allow access to items via this identity to prevent security holes.

    Click an identity row to expand it. In the expansion, next to the Last update date, the Last update result displays a security provider message for troubleshooting:

    Last update result Description
    Success Security identity successfully updated. No issue encountered.
    None Security identity not updated yet.
    Access denied Security identity provider is denied access to the enterprise system.
    Timed out A timeout error occurred while calling the enterprise system to update the security identity.
    Entity is invalid Security identity is invalid (e.g., inadequate format or configuration) or does not exist in the enterprise system anymore.
    Entity is unavailable Security identity update failed.
    Security provider is unavailable Security identity provider not found.
    Security provider is unreachable Security identity provider cannot be reached.
    Security provider is not ready Security identity provider is not ready to provide the requested information. Try again later.
    Unexpected error An unexpected error occurred while updating the security identity. Contact Coveo Support for assistance.
  • Permissions

    A green check mark indicates that the specified security identity is allowed to view the item in search results (see Coveo Cloud V2 Management of Security Identities and Item Permissions).

    A red X indicates that the specified security identity is not allowed to view the item in search results.

Access the “Permissions” Tab

  1. If not already done, log in to the Coveo Cloud platform as a member of a group with the required privileges to review the content and permissions in the target Coveo Cloud organization.

  2. In the main menu on the left, under Content, select Content Browser.

  3. On the Content Browser page, search and select the card of the item for which you want to inspect properties.

  4. In the Action bar, click Properties.

    The [Item Title] properties panel opens. The panel title is the same as the selected item title.

  5. In the [Item Title] properties panel, click the Permissions tab.

Review the State of the Item Permissions

  1. Access the “Permissions” tab.

  2. In the [Permissions] tab, click the State drop-down menu, select one of the following options: All, Up to date, Not updated, Out of date, In error, or Disabled.

By default, all permissions are listed regardless of their state.

Review Effective Permissions on the Item

  1. Access the “Permissions” tab.

  2. In the [Permissions] tab, click the Permissions drop-down menu, select one of the following options: All, Allowed, or Denied, and then ensure item permissions are accurate.

By default, all identities are listed regardless or their permissions.

  1. Access the “Permissions” tab.

  2. In the [Permissions] tab, at the bottom-right of the table, click the left and right arrow icons, or a page number to navigate through pages.

Permission Details Tab

The Permission Details tab shows the permission model of the item in its original system the last time the item source was refreshed.

A permission model is composed of one or multiple permission levels that each contains one or multiple permission sets that each contains one or multiple security identities (users, groups, and virtual groups). This architecture defines who will be able to view the item in the search results, which a resulting security identity list is displayed in the Permissions Tab.

If you think the permission model does not accurately represent the item access rights, perform a source refresh, which may resolve the issue. If the problem persists, contact Coveo Support.

The top of the table contains the following parameters and values:

  • Last Update

    Date/time of the last system permission model refresh.

    The Permission Details tab is updated each time the source of the item is refreshed (refresh, rescan or rebuild) and a content change.

  • State

    The state of the permission model, which can be either Unknown, Valid, Pending, Incomplete, In error, or Warning.

    Update Result Description Action to take
    Valid Permission model updated. All identities in the permission model are valid and up to date (see State). None
    Pending Permission model not updated yet. If the permission model is still not updated after several days, contact Coveo Support for assistance.
    Incomplete

    Permission model updated. However:

    The effective Allowed permissions may be incomplete.

    Check the Permissions tab to determine which identities are out of date or in error (see Permissions Tab and State). If you cannot see the problematic identities, contact Coveo Support.

    Warning The permission model has been updated, but at least one denied entity is out of date. The Denied effective permission list may therefore be incomplete. This issue requires immediate attention, as it can cause a security hole. Check the Permissions tab to determine which identities are out of date and solve this issue immediately. Contact Coveo Support for assistance.
    In error Permission model updated. However, permission level 0 contains at least one denied identity that was not successfully updated. The item will not be displayed in the search results to prevent security holes. Check the Permissions tab to determine which identities are out of date or in error (see Permissions Tab and State). If you cannot see the problematic identities, contact Coveo Support.

The table lists the two components of a system permission model:

When available, permission level and set names hint at the level or set origin in the item system (e.g., Sharing Permissions, Administrator Set, etc.). Otherwise, Coveo Cloud generates names in the following format:

  • Permission level [n]

  • Permission set [n].

  • Permission Level

    The name of the permission level that is assigned to the item.

  • Permission Set

    The name of the permission set contained in the selected permission level that are assigned to the item.

    A permission level can contain one or more permission sets.

    Next to the permission set name, an icon (Icon-PublicItem or Icon-Lock) indicates whether this permission set allows users represented by an anonymous identity to access the item (see Permission Sets and Public Items and Anonymous Users).

    For each permission set, the table lists the following information:

    • Identity Provider Name

      The name of the security identity provider. You can see all identity providers on the Security Identities page (see Managing Security Identities).

    • Type

      The type of the security identity, which can be either User, Group, or Virtual Group.

    • Identity

      The name that uniquely represents the security identity.

      *@* is a group that contains all known users of the Email identity provider.

    • State

      The state of the security identity, which can be either Up to date, Not updated, Out of date, In error, or Disabled (see State).

    • Permissions

      A green check mark indicates that the specified security identity is allowed to view the item in search results (see Coveo Cloud V2 Management of Security Identities and Item Permissions).

      A red X indicates that the specified security identity is not allowed to view the item in search results.

Access the “Permission Details” Tab

  1. If not already done, log in to the Coveo Cloud platform as a member of a group with the required privileges to review the content and permissions in the target Coveo Cloud organization.

  2. In the main menu on the left, under Content, select Content Browser.

  3. On the Content Browser page, search and select the card of the item for which you want to inspect properties.

  4. In the Action bar, click Properties.

    The [Item Title] properties panel opens. The panel title is the same as the selected item title.

  5. In the [Item Title] properties panel, click the Permission Details tab.

Review Permission Levels and Sets

  1. Access the “Permission Details” tab.

  2. In the [Permission Details] tab, in the Level column, select a permission level, and then in the Set column, select the permission set that you want to review (if any) (see Coveo Cloud V2 Management of Security Identities and Item Permissions).

Quick View Tab

The Quick View tab helps you review item content without having to access its original system. The tab is only displayed when a preview is available for this item (see Access the “Quick View” tab).

Access the “Quick View” Tab

  1. If not already done, log in to the Coveo Cloud platform as a member of a group with the required privileges to review content in the target Coveo Cloud organization.

  2. In the main menu on the left, under Content, select Content Browser.

  3. On the Content Browser page, search and select the card of the item for which you want to inspect properties.

  4. In the Action bar, click Properties.

    The [Item Title] properties panel opens. The panel title is the same as the selected item title.

  5. In the [Item Title] properties panel, click the Quick View tab.

    The maximum supported item size is 10 000 bytes.

Item JSON Tab

The Item JSON tab shows the item properties in JSON format, which is especially useful for troubleshooting purposes.

Access the “Item JSON” Tab

  1. If not already done, log in to the Coveo Cloud platform as a member of a group with the required privileges to review content in the target Coveo Cloud organization.

  2. In the main menu on the left, under Content, select Content Browser.

  3. On the Content Browser page, search and select the card of the item for which you want to inspect properties.

  4. In the Action bar, click Properties.

    The [Item Title] properties panel opens. The panel title is the same as the selected item title.

  5. In the [Item Title] properties panel, click the Item JSON tab.

Search for a Keyword

The Item JSON tab content can be pretty long. Therefore, you can use the implemented search feature to easily find item properties such as field names and values.

  1. Access the “Item JSON” tab.

  2. In the Item JSON tab, fill the Search box with the desired keyword(s):

    1. Click anywhere in the JSON box.

    2. Press Ctrl-F (Windows) or cmd-F (Mac).

    3. In the Search box that appears at the top of the JSON box, type the desired keyword(s).

    OR

    In the JSON box, select the keyword(s) you want to search, and then press Ctrl-F (Windows) or cmd-F (Mac).

    The selected keyword(s) automatically appears in the Search box.

  3. Press Enter.

    When present, the keyword occurrences are highlighted with a yellow background. The box content scrolls when needed to ensure the first keyword occurrence is visible.

  4. Repeat steps 1 and 2 to automatically scroll in the JSON box to review the other keyword occurrences.

The search feature also supports regular expressions (regex).