A Repository can support
two types of permissions.
Previous
Next
Home
a. CMIS specific permissions
b. Repository specific permissions
Access Control List (ACL)
Access Control list is a
collection of Access Control entries (ACE). Each ACE holds below information.
a. Principal: It specify a user, group (or) role
b. Collection of strings that represents the permissions
assigned to this principal
c. A boolean flag ‘direct’, it represents whether the ACE is
directly assigned to this object (or) inherited
CMIS permissions
Below table summarises
the permissions defined by CMIS.
Permission
|
Description
|
cmis:all
|
Principal has all the
basic CMIS permissions
|
cmis:write
|
Principal can able to
update properties and content of an object. Principal can read the content
also.
|
cmis:read
|
Principal can able to
read the content of an object
|
My later posts explains
how to determine whether a repository supports ACLs or not, how to add an ACl,
how to remove an ACL, how ACLs are mapped to allowable actions.
No comments:
Post a Comment