Below is a worksheet that you can print and complete for each user role that you will use for your system.
For each object type, determine the general permissions you want to grant. That is, determine whether the user role should be allowed to read, modify, delete or create each type of object.
Once you have determined the general permissions for each object type, refer to the list of available Default access alias definitions and select the one that matches the permissions you want to grant.
If you cannot find an access alias definition that matches the required permissions exactly, note the additional requirements. When you create the access level file for the role, you will need to include additional Low-level permissions.
See Example Collaboration Access Alias Definitions.xml file to see how the access alias definitions can be defined.
See Example security worksheet - Intern Role for an example of how you might use the worksheet to design a new role.
User Role:
|
||||||
---|---|---|---|---|---|---|
object type | read | modify | delete | create instance | corresponding |
(notes) |
discussions | ||||||
forum | ||||||
topic folder | ||||||
polls | ||||||
poll responses | ||||||
meetings (folder) | ||||||
meeting | ||||||
relationships | ||||||
emails | ||||||
teams | ||||||
teamspace | ||||||
internal folder | ||||||
members | ||||||
usersubscriptions | ||||||
tasks | ||||||
deactivateteamspace |