FileNet P8 Platform, Version 5.2.1            

Setup

Creating LDAP accounts is the first step in this example.

About this task

To set up security for the credit card approval process, the administrator will:

Procedure

  1. Create users and groups in the configured authentication provider's directory service.

    To simplify maintenance, create a group for each function, even if only one person performs the function. You then update the group membership when job assignments change. For this example, we'll create the following groups:

    • CC_ApplsEntry
    • CC_Processing
    • CC_Analyst
    • CC_Manager.
  2. Define document classes in Administration Console for Content Platform Engine.
    1. Create the CCAppls document class.

      Display the Default Instance Security tab, and add the groups, with the access rights indicated in the table below. Optionally and alternatively, you can associate the CCAppls document class with a security policy that will apply appropriate security to applications depending on the version status.

      Table of access rights to assign to the listed groups for the document class CCAppls
      Group Access Rights for Document Class: CCAppls
      CC_ApplsEntry View Properties
      CC_Processors Modify Properties
      CC_Analyst Modify Content
      CC_Manager View Properties
    2. Create the CCProcedures document class.

      Display the Default Instance Security tab, and add the groups, with the access rights indicated in the table below. Optionally and alternatively, you can associate the CCProcedures document class with a security policy to apply security appropriate to the procedure's version status.

      Table of access rights to assign to the listed groups for the document class CCProcedures
      Group Access Rights for Document Class: CCProcedures
      CC_ApplsEntry View Properties
      CC_Processors View Properties
      CC_Analyst View Properties
      CC_Manager

      Modify Properties

      Publish

  3. Define the workflow using Process Designer. Define the workflow used by applications processors and analysts.
    Table of access rights to assign to the listed groups for the workflow definition CCAppls
    Group Access Rights for Workflow Definition: CCAppls
    CC_Processors View Properties
    CC_Analyst View Properties
  4. Define the publish template using Publishing Designer.
    Table of access rights to assign to the listed groups for the Publish Template CCProceduresPublishing
    Group Access Rights for Publish Template: CCProceduresPublishing
    CC_Manager View Content
  5. Create folders using Administration Console for Content Platform Engine.

    Create folders with the access rights indicated in the tables below.

    Table of access rights to assign to the listed groups for the folder NewAppls
    Group Access Rights for Folder: /NewAppls
    CC_ApplsEntry Add to Folder
    CC_Processors Add to Folder
    CC_Analyst View Properties
    CC_Manager View Properties
    Table of access rights to assign to the listed groups for the folders Approved and Denied
    Group Access Rights for Folders: / Approved and /Denied
    CC_Processors Add to Folder
    CC_Manager View Properties
    Table of access rights to assign to the listed groups for the folder Pending
    Group Access Rights for Folder: /Pending
    CC_Processors Add to Folder
    CC_Analyst View Properties
    CC_Manager View Properties
    Table of access rights to assign to the listed groups for the folder ProceduresSource
    Group Access Rights for Folder: /ProceduresSource
    CC_Manager Add to Folder
    Table of access rights to assign to the listed groups for the folder Procedures
    Group Access Rights for Folder: /Procedures
    CC_Manager Add to Folder
    All other groups View Properties

    Optionally, a folder can be the security parent for the contained objects (subfolder, documents, and custom objects). This requires configuration of the parent folder and each contained object.



Last updated: October 2015
p8psx002.htm

© Copyright IBM Corporation 2015.