ACL stands for Access Control List. It is security mechanism provided by documentum to control security of Documentum Content Server objects.
ACL object attributes:
Each ACL object has below attributes:
- object_name (ACL object name)
- owner_name (Owner of the ACL name, most of the time creator name)
- r_accessor_name (Either dm_user or dm_group name who associated with this acl)
- r_accessor_permit (Permission READ, WRITE, DELETE,...)
- r_accessor_xpermit (Extended permission for the accessor)
Each dm_document object is associated with one of the ACL object.
Possible Persmission Set value for r_accessor_permit attribute:
Below are the possible premission values can be set in r_accessor_permit attribute values,:
- NONE (1) - implies that access restricted. The objects which are associated with NONE permission value ACL can't be accessed by users or groups associated with
- r_accessor_name.
- BROWSE (2)
- READ (3) - implies that READ permission is allowed for the users or groups associated with ACL to objects marked with this ACL.
- RELATE (4) - implies that user can perform annotate operation in object.
- VERSION (5)- implies that user can version the object along with annotate and read capability.
- WRITE (6)- implies that user can perform edit operation along with above operation.
- DELETE (7)- implies that user can perform all above operation and can delete this object from repository.
Documentum desktop client is providing ACL editor to create/edit ACL using UI.
Documentum is also providing API methods to create new ACL, Sample one is
create,c,dm_acl,
set,c,l,object_name SAMPLE_ACL
set,c,l,owner_name dm_dbo
grant,c,l,dm_owner,6
grant,c,l,dm_world,1
save,c,l
ACL Types:
There are two types ACL in Documentum.
1. System ACL - It is default ACL created by docbase, it may be for temporary. These ACL object_name will start dm_
2. User ACL
Reference:
http://www.dmdeveloper.com/articles/concepts/acls.pf.html
2 comments:
Nice
Thank you.
Post a Comment