IBM Enterprise Records, Version 5.1.+            

Specify security settings

Security settings refer to the permission levels of a user or group to access an object. For example, if you have Owner Control permission for an object, you can exercise complete control over the object. The following table lists the permission levels and their descriptions.

For all permissions, you can select a checkbox either to turn a permission level on or off. If you click a checkbox to turn off an Allow permission, it is implicitly denied. The user or group might have membership in another group that allows that permission. If you select the Deny checkbox, then you are explicitly denying that permission for that user or group. Membership in another group that has the permission will not allow this user or group that permission level.

Permission Description
Owner Control Allows you complete control over an object. You can perform all types of actions such as viewing its contents, viewing and modifying its properties, and deleting the object (subject to hold restrictions). By default, when you create an object initially, it has Owner Control permission for that object.
  • When you set Owner Control to Allow, the remaining permissions are automatically set to Allow.
  • When you set Owner Control to Deny, other permissions remain unchanged.
Modify Properties

Allows you to change the properties of an object and add a subfolder to a folder.

  • When you set Modify Properties to Allow, then View Content and View Properties are automatically set to Allow for documents. For folders, other permissions remain unchanged.
  • When you set Modify Properties to Deny, Owner Control, Promote Version, Modify Content and Publish are also set to Deny.
View Content

Allows you to view the content of a record. For example, if the record is an MS Word file, you can open and view the contents of the file. Be sure to give the Records User group View Content rights at the document level; by default, members of the Records User group do not have rights to view content of the record and, therefore, will not be able to view a document once they declare it as a record.

  • When you set View Content to Allow, View Properties is automatically set to Allow.
  • When you set View Content to Deny, Owner Control, Promote Version, Modify Content, and Modify Properties are also set to Deny.
View Properties

Allows you to view the properties of a folder or object.

  • When you set View Properties to Allow, other settings remain unchanged.
  • When you set View Properties to Deny, all other permissions are set to Deny.
Create Subfolder

Allows you to create a subfolder, if the object being created is a file plan, record category or record folder.

  • When you set Create Subfolder to Allow, View Properties is also set to Allow.
  • When you set File In Folder to Deny, all other permissions remain unchanged.
File In Folder

Allows you to file a record in other folders,

  • When you set File In Folder to Allow, View Properties is also set to Allow.
  • When you set File in Folder to Deny, View Properties is set to Deny.
Promote Version

Allows you to promote and demote document(s) corresponding to the record on which the security is set. You can check out a document, check it back in as a major version, cancel the document checkout, and promote or demote the document version.

Modify Content

Allows you to check out a document, check the document back in as a minor version, or cancel the checkout. Be sure to give the Records User group Modify Content rights at the document level; by default, members of the Records User group do not have rights to modify the content of a record and, therefore, will not be able to modify a document once they declare it as a record.

  • When you set Modify Content to Allow, Modify Properties, View Content, and View Properties are automatically set to Allow.
  • When you set Modify Content to Deny, Owner Control and Promote Version are set to Deny.


Feedback

Last updated: August 2011
set_security_permissions.htm

© Copyright IBM Corporation 2011.
This information center is powered by Eclipse technology. (http://www.eclipse.org)