The topics in this section describe the access rights that
apply to securable objects and also provide some security details.
Securable objects
An independently securable object has its own Access Control
List (ACL) that specifies its security and ensures that access rights
are checked each time a user tries to access it. A dependently securable
object depends on some other object as its security parent.
Object store access rights
When running the Object Store wizard, you specify the users
and groups that should be object store administrators and those who
should have non-administrative access rights. You can view and modify
these security assignments any time while running Administration Console for Content Platform Engine.
Class access rights
Classes receive default security initially from their parent
class.
Folder access rights
Folders are instances of the folder class and obtain default
security from their class.
Document access rights
Documents are instances of the document class. When first
created they obtain initial security from the Default Instance Security
ACL of their class.
Compound document security
Component Relationship objects define the structure of
a compound document and specify rules for binding from the parent
to a child component.
Annotation access rights
Annotations are instances of the Annotation class. Therefore
they obtain initial security from the Default Instance Security ACL
of their class, like all objects do when first created.
Custom object access rights
Custom objects are securable, containable objects (can
be filed in folders) but have no content and are not versionable.
Workflow definition access rights
Workflow definitions are versionable documents with the
same security as regular documents. A user must have View Properties
access rights to launch or to participate in a workflow.
Script access rights
Some scripts run with Content Platform Engine server credentials.
Publishing access rights
Publishing creates a new document, called a publication
document, according to the specifications in the publish template
selected by the user, and the optional style template specified in
the publish template. For example, a manager might maintain a Procedures
Guide (a Microsoft Word document) and publish it in HTML format to
the /Department folder, which is available to
all members of the department.
Search access rights
A stored search or search template is stored as a versionable
document in the Stored Search class.