Friday, 19 April 2019

openCMIS: Working with Access Control

 A Repository can support two types of permissions.
a.   CMIS specific permissions
b.   Repository specific permissions

Access Control List (ACL)
Access Control list is a collection of Access Control entries (ACE). Each ACE holds below information.
a.   Principal: It specify a user, group (or) role
b.   Collection of strings that represents the permissions assigned to this principal
c.    A boolean flag ‘direct’, it represents whether the ACE is directly assigned to this object (or) inherited

CMIS permissions
Below table summarises the permissions defined by CMIS.

Permission
Description
cmis:all
Principal has all the basic CMIS permissions
cmis:write
Principal can able to update properties and content of an object. Principal can read the content also.
cmis:read
Principal can able to read the content of an object

My later posts explains how to determine whether a repository supports ACLs or not, how to add an ACl, how to remove an ACL, how ACLs are mapped to allowable actions.
Previous                                                 Next                                                 Home

No comments:

Post a Comment