Thursday, June 5, 2008

Default permission set and inheritance of permission

A permission set (also known as an ACL, or access control list) defines the object-level permissions applied to the objects to which it is assigned.

There are three options available for default ACL assignment: type, folder and user. The setting in effect on content server by default is permission inherited from the user (see picture).


Inherit from user:

This is the default setting on content server. It gives users the ability to grant or revoke permissions on individual documents, which leads to the creation of a unique ACL for every document in the repository.
A user's default ACL is recorded in the user's acl_name and acl_domain attributes.

Inherit from type:

Number of ACLs = number of types.
The type of a document defines who can access it. You have to define a default ACL for every sysobject type, not only for your custom types. Failing to do so can result in errors when creating certain objects, for example users:
Error committing changes
[DM_SYSOBJECT_E_TYPE_DEF_ACL]error: “ACL inheritance failed, due to missing ACL in the type ‘dm_cabinet’.

The simplicity of this setting also makes it inflexible: if you want to aggregate permissions for the accounting department, you have to create more object types.

Inherit from folder:

This type of permission inheritance is used in most operating systems and requires managing ACLs at the folder level.
A folder's or cabinet's default ACL is recorded in the object's acl_name and acl_domain attributes.
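To make the difference between the three modes concrete, here is an added Python model of how a new sysobject picks up its default ACL under each setting, and how per-document grants under user inheritance multiply ACLs. This is example code written for this post, not Documentum's own; the mapping of the modes to dm_server_config.default_acl values (1 folder, 2 type, 3 user) and the internal ACL naming are assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum


class DefaultAclMode(Enum):
    # Assumed mapping to dm_server_config.default_acl: 1 = folder, 2 = type, 3 = user
    FOLDER = 1
    TYPE = 2
    USER = 3


@dataclass(frozen=True)
class Acl:
    acl_name: str
    acl_domain: str
    entries: tuple = ()  # (accessor, permit level) pairs


class AclInheritanceError(Exception):
    """Stands in for the server's DM_SYSOBJECT_E_TYPE_DEF_ACL error."""


@dataclass
class Repo:
    mode: DefaultAclMode
    user_acls: dict = field(default_factory=dict)    # user name -> default Acl
    type_acls: dict = field(default_factory=dict)    # type name -> default Acl (no fallback)
    folder_acls: dict = field(default_factory=dict)  # folder path -> the folder's Acl
    objects: dict = field(default_factory=dict)      # object name -> Acl in effect

    def create(self, name, obj_type, folder, user):
        """Assign the default ACL a new sysobject receives under the current mode."""
        if self.mode is DefaultAclMode.USER:
            acl = self.user_acls[user]
        elif self.mode is DefaultAclMode.TYPE:
            if obj_type not in self.type_acls:  # every type needs one, dm_cabinet included
                raise AclInheritanceError(
                    f"ACL inheritance failed, due to missing ACL in the type '{obj_type}'")
            acl = self.type_acls[obj_type]
        else:
            acl = self.folder_acls[folder]
        self.objects[name] = acl
        return acl

    def grant(self, name, accessor, level):
        """Per-document grant: the shared ACL is copied into one unique to this object."""
        old = self.objects[name]
        new = Acl(f"internal_acl_for_{name}", old.acl_domain, old.entries + ((accessor, level),))
        self.objects[name] = new  # constructed name; the server generates its own
        return new

    def distinct_acls(self):
        """How many different ACLs the repository now carries for these objects."""
        return len({(a.acl_name, a.acl_domain) for a in self.objects.values()})
```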
