Security tab

With the security editor you can view and edit the Access Control List (ACL) of the associated object. Enterprise Manager uses the security editor in the following three security tabs:

For more information, see Icons and About access rights.

List of ACEs
Displays a single Access Control Entry (ACE) per row. Select an ACE to view and edit its security in the rest of the security editor. Click on a column heading to sort the rows based on the contents of that column. If no ACEs appear, click the Add button.
Name
Displays the user or group's name as provided by the FileNet P8 domain's authentication provider. When you hold the mouse over the name, the tool tip will show the Display Name followed by the Principal Name in parentheses, as in:

DisplayName (PrincipalName)
.

Click Add or Remove at the bottom of the security editor to make changes to this list. The icons display whether the ACE is a user or a group, whether it is denied or allowed, and whether it is inherited or not.

Source
Displays the source of the ACE: either Default, Direct, Inherited, or Template.
Level
Displays the level, described below.
Apply to
Displays one of the three levels of inheritable depth, defined below.
Type
Displays and lets you edit whether the selected ACE is Allowed or Denied. Will not be available if the selected ACE is inherited.
Apply to
Use to set the inheritable depth of the selected ACE. Will not be available if the selected ACE is inherited.
Level
Use to set the level of security for the selected ACE. Levels are logically assembled collections of rights that are appropriate for varying degrees of access to the object. Levels are generally ordered with the more powerful at the top (with the exception of Custom, explained below). Different objects have different Levels. For example, only documents have the Major Versioning level. Folders, which are not versionable, do not have this level. Folders have the Add to Folder level, which documents do not.

When you select a level, two things happen: the rights that comprise it become selected in the Rights column; other levels that are included in the selected level will be marked with an asterisk. For example, selecting Full Control will cause all the other levels to be marked with an asterisk.

NOTE  All objects include a Custom level, which will automatically be selected if you choose a collection of rights that is not exactly mapped to one of the predefined levels.

Rights
Select individual rights for the selected ACE. Doing so can affect the selected Level. Selecting a Level also affects the rights that are selected.
Add
Click to add users and groups.
Remove
Click to remove the selected ACE from the ACL of this object. (This does not remove the user or group from the authentication provider or from any other ACLs the ACE may be present.)
Active Marking/Owner
Click to open the Access Control Settings dialog box, where you can view or edit the object's markings and ownership. If the current object does not permit markings, the label on this button will be only "Owner" and the resultant Access Control Settings dialog box will contain only an Owner tab.