Creating LDAP accounts is the first step in this example.
To set up security for the credit card approval process, the administrator will:
To simplify maintenance, create a group for each function, even if only one person performs the function. You then update the group membership when job assignments change. For this example, we'll create the following groups:
Display the Default Instance Security tab, and add the groups, with the access rights indicated in the table below. Optionally and alternatively, you can associate the CCAppls document class with a security policy that will apply appropriate security to applications depending on the version status.
Group | Access Rights for Document Class: CCAppls |
---|---|
CC_ApplsEntry | View Properties |
CC_Processors | Modify Properties |
CC_Analyst | Modify Content |
CC_Manager | View Properties |
Display the Default Instance Security tab, and add the groups, with the access rights indicated in the table below. Optionally and alternatively, you can associate the CCProcedures document class with a security policy to apply security appropriate to the procedure's version status.
Group | Access Rights for Document Class: CCProcedures |
---|---|
CC_ApplsEntry | View Properties |
CC_Processors | View Properties |
CC_Analyst | View Properties |
CC_Manager | Modify Properties Publish |
Group | Access Rights for Workflow Definition: CCAppls |
---|---|
CC_Processors | View Properties |
CC_Analyst | View Properties |
Group | Access Rights for Publish Template: CCProceduresPublishing |
---|---|
CC_Manager | View Content |
Create folders with the access rights indicated in the tables below.
Group | Access Rights for Folder: /NewAppls |
---|---|
CC_ApplsEntry | Add to Folder |
CC_Processors | Add to Folder |
CC_Analyst | View Properties |
CC_Manager | View Properties |
Group | Access Rights for Folders: / Approved and /Denied |
---|---|
CC_Processors | Add to Folder |
CC_Manager | View Properties |
Group | Access Rights for Folder: /Pending |
---|---|
CC_Processors | Add to Folder |
CC_Analyst | View Properties |
CC_Manager | View Properties |
Group | Access Rights for Folder: /ProceduresSource |
---|---|
CC_Manager | Add to Folder |
Group | Access Rights for Folder: /Procedures |
---|---|
CC_Manager | Add to Folder |
All other groups | View Properties |
Optionally, a folder can be the security parent for the contained objects (subfolder, documents, and custom objects). This requires configuration of the parent folder and each contained object.