Provides a set of constants that identify individual permissions (access rights) that can be applied to an object. Access rights vary by object and control all operations on the object. A user's access to objects is controlled by the access rights awarded to the individual user, and by the access rights awarded to any group of which that user is a member. Access rights to individual objects are checked each time the user attempts to access an object from an object store.

Use AccessRight constants to set and check permissions. To determine which access rights are required to perform common actions, see Access rights required to take actions.

Namespace:  FileNet.Api.Constants
Assembly:  FileNet.Api (in FileNet.Api.dll)

ToggleSyntax

Visual Basic (Declaration)
Public Enumeration AccessRight
C#
public enum AccessRight
Visual C++
public enum class AccessRight
JavaScript
FileNet.Api.Constants.AccessRight = function();
FileNet.Api.Constants.AccessRight.createEnum('FileNet.Api.Constants.AccessRight', false);

ToggleMembers

TypeMember nameDescription
RESERVED12
Reserved.
REMOVE_MARKING
Specifies that the user or group is granted or denied permission to remove a Marking object from an object.
ADD_MARKING
Specifies that the user or group is granted or denied permission to assign a Marking object to an object.
RESERVED13
Reserved.
CREATE_CHILD
Specifies that the user or group is granted or denied permission to create a child object.
WRITE_ACL
Specifies that the user or group is granted or denied permission to modify an object's security (that is, its PermissionList collection).
LINK
Specifies that the user or group is granted or denied permission to link to an object.
DELETE
Specifies that the user or group is granted or denied permission to delete an object.
VIEW_RECOVERABLE_OBJECTS
Specifies that the user or group is granted or denied permission to retrieve or query all recoverable objects in the object store. Because recoverable objects are logically deleted, most users' access should be limited to the ICmRecoveryItem objects that represent recoverable objects. Most users should be denied direct access to recoverable objects.
WRITE
Specifies that the user or group is granted or denied permission to modify the properties of an object.
STORE_OBJECTS
Specifies that the user or group is granted or denied permission to create and store new objects in an object store.
WRITE_OWNER
Specifies that the user or group is granted or denied permission to assume the ownership of an object. If granted WRITE_OWNER permission on an object, a user can set the Owner property to null or the user's own identity. To set the Owner property to any other non-null value requires the WRITE_ANY_OWNER permission on the object store.
UNLINK
Specifies that the user or group is granted or denied permission to unlink from an object.
CREATE_INSTANCE
Specifies that the user or group is granted or denied permission to create a new instance of an object.
MINOR_VERSION
Specifies that the user or group is granted or denied permission to create a new document minor version.
CHANGE_STATE
Specifies that the user or group is granted or denied permission to change the lifecycle state of an object.
CONNECT
Specifies that the user or group is granted or denied permission to connect to an object store.
READ
Specifies that the user or group is granted or denied permission to view the properties of an object.
REMOVE_OBJECTS
Specifies that the user or group is granted or denied permission to delete objects in an object store.
READ_ACL
Specifies that the user or group is granted or denied permission to view an object's security (that is, its PermissionList collection).
MODIFY_RETENTION
This constant is not supported.
VIEW_CONTENT
Specifies that the user or group is granted or denied permission to view the content of an object.
NONE
Specifies that the user or group has no access to objects.
MODIFY_OBJECTS
Specifies that the user or group is granted or denied permission to modify objects in an object store.
WRITE_ANY_OWNER
Specifies that the user or group is granted or denied permission to change the ownership of an object to another user. If a user or group has been granted WRITE_ANY_OWNER permission on an ObjectStore object, then that user or group is also automatically granted the WRITE_OWNER permission on all objects contained in that object store.
MAJOR_VERSION
Specifies that the user or group is granted or denied permission to create a document major version.
USE_MARKING
Determines whether or not the constraint mask will be applied. If a user has been denied the AccessRight.USE_MARKING access right, then the constraint mask is applied to the effective access mask that was computed by the authorization service.
PUBLISH
Specifies that the user or group is granted or denied permission to publish an object.
PRIVILEGED_WRITE
Specifies that the user or group is granted or denied permission to set certain system-level properties (Creator, DateCreated, LastModifier, DateLastModified).

This access right should be granted only to those users who run applications that require an elevated level of privilege on the Content Engine server. Examples of these are: import applications, which require the ability to preserve original user and date information (that is, the values of the above noted system properties) upon importing from the original repository; bulk entry applications; and migration applications.

Note This access right should not be granted to ordinary users and groups or even to most administrators. It is not included in the full control level of object store access.

ToggleSee Also