Provides a set of commonly used combinations of access rights for simplifying presentation of access rights in a user interface (UI). Alternatively, you can use the I AccessPermissionDescription interface for presenting access levels and access rights in a UI. Unlike this interface, the IAccessPermissionDescription interface includes methods that provide descriptive information about access rights and access levels.

Access level definitions are subject to change. Do not use AccessLevel constants in non-interactive program logic for setting or checking permissions.

Namespace:  FileNet.Api.Constants
Assembly:  FileNet.Api (in FileNet.Api.dll)

ToggleSyntax

Visual Basic (Declaration)
Public Enumeration AccessLevel
C#
public enum AccessLevel
Visual C++
public enum class AccessLevel
JavaScript
FileNet.Api.Constants.AccessLevel = function();
FileNet.Api.Constants.AccessLevel.createEnum('FileNet.Api.Constants.AccessLevel', false);

ToggleMembers

TypeMember nameDescription
FULL_CONTROL
Specifies full access rights to an object for base level permissions. A user or group assigned this level is granted or denied permission to perform all available Content Engine functions on the object. Setting this access level is equivalent to specifying all of the available AccessLevel.FULL_CONTROL_* constants.
FULL_CONTROL_OBJECT_STORE
Specifies that the user or group is granted or denied full access rights to an object store. A user or group assigned this level can perform all available Content Engine functions on the object store. Setting this access level is equivalent to specifying the following combination of access rights:
  • AccessRight.WRITE_ANY_OWNER
  • AccessRight.REMOVE_OBJECTS
  • AccessRight.MODIFY_OBJECTS
  • AccessRight.STORE_OBJECTS
  • AccessRight.CONNECT
  • AccessRight.WRITE_ACL
  • AccessRight.READ_ACL
VIEW
Specifies that the user or group is granted or denied permission to view an object's properties, security, and content. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.VIEW_CONTENT
  • AccessLevel.READ
FULL_CONTROL_FOLDER
Specifies full access rights to functions that can be performed on a Folder object. A user or group assigned this level of access is granted or denied permission to link to and unlink from the Folder object; create a subfolder; modify the object's properties and its security; change the object's ownership; and delete the object.

Assigning this access level is equivalent to setting the following combination of individual and Level access rights:

  • AccessRight.DELETE
  • AccessRight.RESERVED12
  • AccessRight.RESERVED13
  • AccessRight.WRITE_ACL
  • AccessRight.WRITE_OWNER
  • AccessLevel.WRITE_FOLDER
  • AccessRight.MAJOR_VERSION
LINK_FOLDER
Specifies that the user or group is granted or denied permission to link to and unlink from a Folder object. The user or group can also view the folder's properties and security. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.LINK
  • AccessRight.UNLINK
  • AccessLevel.READ
LINK_CUSTOM
Specifies that the user or group is granted or denied permission to link to and view a CustomObject object's properties and security. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.LINK
  • AccessLevel.READ
WRITE_CLASS_DEF
Specifies that the user or group is granted or denied permission to create an instance of the object; modify the object's properties; link to the object; and create an instance of the object. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.CREATE_CHILD
  • AccessRight.CREATE_INSTANCE
  • AccessRight.LINK
  • AccessRight.WRITE
  • AccessLevel.READ
MINOR_VERSION_DOCUMENT
Specifies that the user or group is granted or denied permission to create a new minor version of a Document object's content. The user or group can also link to a Document object; change its state; modify its properties; and view its content. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.MINOR_VERSION
  • AccessLevel.WRITE_DOCUMENT
WRITE_DEFAULT
Specifies that the user or group is granted or denied permission to modify the object's properties and create a new instance of the object. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.CREATE_INSTANCE
  • AccessRight.WRITE
  • AccessLevel.READ
LINK_CLASS_DEF
Specifies that the user or group is granted or denied permission to link to and view a ClassDefinition object's properties and security. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.LINK
  • AccessLevel.READ
MAJOR_VERSION_DOCUMENT
Specifies that the user or group is granted or denied permission to create a new major version of a Document object's content. The user or group can also link to a Document object; change its state; modify its properties; and view its content. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.MAJOR_VERSION
  • AccessRight.MINOR_VERSION
  • AccessLevel.WRITE_DOCUMENT
FULL_CONTROL_DOCUMENT
Specifies full access rights to functions that can be performed on a Document object. A user or group assigned this level of access is granted or denied permission to link to the Document object; publish the document; modify its properties and its security; change its state; view its contents; create a new version of its content; and changes its ownership.

Assigning this access level is equivalent to setting the following combination of access rights:

  • AccessRight.READ
  • AccessRight.WRITE
  • AccessRight.LINK
  • AccessRight.MAJOR_VERSION
  • AccessRight.MINOR_VERSION
  • AccessRight.VIEW_CONTENT
  • AccessRight.CREATE_INSTANCE
  • AccessRight.CHANGE_STATE
  • AccessRight.PUBLISH
  • AccessRight.DELETE
  • AccessRight.READ_ACL
  • AccessRight.WRITE_ACL
  • AccessRight.RESERVED13
  • AccessRight.RESERVED12
FULL_CONTROL_TASK
Specifies full access rights to functions that can be performed on a ICmTask object. A user or group assigned this level of access is granted or denied permission to link to the ICmTask object, modify its properties and its security, change its state, and change its ownership. Assigning this access level is equivalent to setting the following combination of access rights:
  • AccessRight.READ
  • AccessRight.WRITE
  • AccessRight.LINK
  • AccessRight.CREATE_INSTANCE
  • AccessRight..CHANGE_STATE
  • AccessRight.DELETE
  • AccessRight.WRITE_ACL
  • AccessRight.READ_ACL
  • AccessRight.WRITE_OWNER
WRITE_ANNOTATION
Specifies that the user or group is granted or denied permission to view an Annotation object's content; modify its properties; and create a new instance of an object. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.CREATE_INSTANCE
  • AccessRight.VIEW_CONTENT
  • AccessRight.WRITE
  • AccessLevel.READ
FULL_CONTROL_CLASS_DEF
Specifies full access rights to functions that can be performed on a ClassDefinition object. A user or group assigned this level of access is granted or denied permission to modify the object's properties and security; create an instance of the object; change the object's ownership; and delete the object. Assigning this access level is equivalent to setting the following combination of access rights:
  • AccessRight.READ
  • AccessRight.WRITE
  • AccessRight.LINK
  • AccessRight.CREATE_INSTANCE
  • AccessRight.CREATE_CHILD
  • AccessRight.DELETE
  • AccessRight.READ_ACL
  • AccessRight.WRITE_ACL
  • AccessRight.WRITE_OWNER
FULL_CONTROL_CUSTOM
Specifies that the user or group is granted or denied permission to link to and view a CustomObject object's properties and security. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.RESERVED13
  • AccessRight.DELETE
  • AccessRight.RESERVED12
  • AccessRight.WRITE_ACL
  • AccessRight.WRITE_OWNER
  • AccessLevel.WRITE_CUSTOM
READ
Specifies that the user or group is granted or denied permission to view an object's properties and security. Setting this access level is equivalent to setting the following combination of access rights:
  • AccessRight.READ
  • AccessRight.READ_ACL
FULL_CONTROL_DEFAULT
Specifies a combination of access rights to an object that grant or deny a user or group the permission to make most types of changes to a Content Engine object. See other "full control" levels applicable to specific object types. Assigning this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.RESERVED13
  • AccessRight.DELETE
  • AccessRight.RESERVED12
  • AccessRight.WRITE_ACL
  • AccessRight.WRITE_OWNER
  • AccessLevel.WRITE_DEFAULT
WRITE_FOLDER
Specifies that the user or group is granted or denied permission to create a subfolder under a Folder object. The user or group can also link to and unlink from the subfolder and modify its properties. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.CHANGE_STATE
  • AccessRight.CREATE_CHILD
  • AccessRight.CREATE_INSTANCE
  • AccessRight.LINK
  • AccessRight.UNLINK
  • AccessRight.VIEW_CONTENT
  • AccessRight.MINOR_VERSION
  • AccessRight.PUBLISH
  • AccessRight.READ_ACL
  • AccessRight.WRITE
  • AccessLevel.READ
WRITE_DOCUMENT
Specifies that the user or group is granted or denied permission to link to a Document object; create a new instance of the object; change the object's lifecycle state; view its content; and modify its properties. Setting this access level is equivalent to setting the following combination of access rights:
  • AccessRight.CHANGE_STATE
  • AccessRight.CREATE_INSTANCE
  • AccessRight.LINK
  • AccessRight.UNLINK
  • AccessRight.VIEW_CONTENT
  • AccessRight.WRITE
  • AccessLevel.READ
  • AccessRight.READ_ACL
FULL_CONTROL_DOMAIN
Specifies full access rights to functions that can be performed on a Domain object.
  • AccessRight.READ
  • AccessRight.WRITE
  • AccessRight.CREATE_CHILD
  • AccessRight.DELETE
  • AccessRight.READ_ACL
  • AccessRight.WRITE_ACL
FULL_CONTROL_MARKING
Specifies full access rights to an object for performing marking operations on an object. A user or group assigned this level is granted or denied permission to perform all available marking functions on the object. Setting this access level is equivalent to specifying the following combination of access rights:
  • AccessRight.ADD_MARKING
  • AccessRight.REMOVE_MARKING
  • AccessRight.USE_MARKING
USE_OBJECT_STORE
Specifies that the user or group is granted or denied permission to use an object store. For example, a user who is granted this access right can connect to and store objects in the object store, as well as modify or remove objects from the object store.
  • AccessRight.REMOVE_OBJECTS
  • AccessRight.MODIFY_OBJECTS
  • AccessRight.STORE_OBJECTS
  • AccessRight.CONNECT
WRITE_CUSTOM
Specifies that the user or group is granted or denied permission to link to a CustomObject object; view and modify its properties; and create a new instance of the object. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.CREATE_INSTANCE
  • AccessRight.LINK
  • AccessRight.WRITE
  • AccessLevel.READ
USE_DOMAIN
Specifies that the user or group is granted or denied permission to use a Domain object.
  • AccessRight.READ
FULL_CONTROL_ANNOTATION
Specifies full access rights to functions that can be performed on an Annotation object. A user or group assigned this level of access is granted or denied permission to create an instance of the object; modify the object's properties and security; change the object's ownership; and view the object's content. Setting this access level is equivalent to setting the following combination of individual and Level access rights:
  • AccessRight.DELETE
  • AccessRight.WRITE_ACL
  • AccessRight.WRITE_OWNER
  • AccessLevel.WRITE_ANNOTATION
PUBLISH
Specifies that the user or group is granted or denied permission to publish the object; view its properties, security, and content; and link to the object. Setting this access level is equivalent to setting the following combination of access rights:
  • AccessRight.READ
  • AccessRight.LINK
  • AccessRight.UNLINK
  • AccessRight.PUBLISH
  • AccessRight.READ_ACL
  • AccessRight.VIEW_CONTENT
VIEW_OBJECT_STORE
Specifies that the user or group is granted or denied permission to view the contents of an object store. Setting this access level is equivalent to setting the following access right:
  • AccessRight.CONNECT

ToggleSee Also