Permissions are added, viewed, or modified on the Permissions tab of the New Permission Set - Info or the Permissions tab of the Permission Sets Properties page, as described in Table 5.3.
Table 5.3. Permission properties
| Field label | Value |
|---|---|
Required Groups | A required group entry requires a user requesting access to an object governed by the permission set to be a member of the group identified in the entry. If there are entries for multiple groups, the user must be a member of all of the groups before Content Server allows access to the object. Click Add to access the Choose a group page to add groups to the permission set, of which a user must be a member for repositories where Trusted Content Services is enabled. Select a group and click Remove to remove a required group. |
Group | Displays groups of which a user must be a member for repositories where Trusted Content Services is enabled. If no groups are defined, the system displays the message No Required Groups exist for the permission set. |
Required Group Set | A required group set entry requires a user requesting access to an object governed by the permission set to be a member of at least one group in the set of groups. Click Add to access the Choose a group page to add groups to the permission set, of which a user must be a member of at least one for repositories where Trusted Content Services is enabled. Select a group and click Remove to remove a group set. |
Group | Displays groups of which a user must be a member of at least one for repositories where Trusted Content Services is enabled. If no groups are defined, the system displays the message No Required Groups exist for the permission set. |
Grant access to | The Content Server automatically adds dm_owner and dm_world to a permission set. The default alias dm_owner represents the owner of the permission set and dm_world represents all repository users. You cannot delete dm_owner or dm_world from a permission set.
|
Accessors | Displays users and groups who are included in the permission set. |
Permissions | Displays the basic permission level access for the user or group. To change the basic permission level access, select a user and click Edit. |
Extended Permissions | Displays the extended permissions for the user or group. To change the extended permissions, select a user and click Edit. |
Conflict | If there are validation conflicts, the system displays reasons for the conflicts. For example:
|
Deny access to | An access restriction entry denies a user the right to the base object-level permission level specified in the entry. For example, if a user would otherwise have Delete permission as a member of a particular group, an access restriction might limit the user to, at most, Version permission. The user would therefore lose Write and Delete permissions.
|
Accessors | Displays users and groups who have restricted permissions in the permission set. |
Denied Access Level | Displays the restricted access level for the user or group. For example, if the user would otherwise have Delete permission as a member of a particular group and you set it to Version, the user loses Write and Delete permissions. To change the restricted basic permission level access, select a user and click Edit. |
Extended Restrictions | Displays the extended restrictions for the user or group. To change the extended restrictions, select a user and click Edit. |
Conflict | If there are validation conflicts, the system displays reasons for the conflicts. |