Server

Security

This page is scheduled for review and update. Check back soon for updated content!

A permission is a rule to grant access to a user or set of users to a Nuxeo document. User has a view in the dashboard where he can see the documents on which a permission is set. Managing permissions means granting or denying access permissions in a document or folder.

Some permissions are granted automatically, for example when you create a workflow and grant access to a user on a document for the entire workflow or a particular task.

Permissions Overview

Permission Actions in Workspaces Actions in Sections
Read
  • Consult content
  • Comment documents
  • Tag documents
  • Collect content
  • Follow content
  • Consult content
  • Comment documents
  • Tag documents
  • Follow content
ReadWrite
  • Create documents
  • Edit documents
  • Add / remove relations
  • Start a workflow
  • Delete documents
  • + Read actions
  • Create sections
  • Unpublish documents
  • Delete sub-sections
  • + Read actions
Manage everything
  • Manage permissions
  • Set alerts to other users
  • Apply a preset look on documents
  • Manage deleted documents
  • Define publication targets
  • + Edit actions
  • + Read actions
  • Manage permissions
  • Set alerts to other users
  • Apply a preset look on documents
  • Manage deleted documents
  • + Edit actions
  • + Read actions
Can ask for publishing   Submit documents for publishing

Granting Permissions to the Application Users and Groups

To add a permission, at the root of a workspace, a folder or a document, click on the Permission tab New Permission and fill in the popup form.

The new permission is displayed in the Permissions defined locally part of the screen.

Granting Permissions to External Users (Instant Share)

You can share documents and folders with people that don't usually have access to the application, using their email.

In the Permissions Assigned to External Users part of the screen, click New and fill in the popup form. The external user receives an email notification that contains the link to the document or space. They can access the application only by clicking that link.

Notes:

  • You can only grant a temporary access to external users.
  • External users have not created a user account on the application. They do not have login / password credentials. They can only use the link that is sent to them to access the application.
  • External users have access to the content that was shared with them (either documents or workspaces and their content) and the Search tab.
  • External users do not benefit from the personal workspace, the Home tab and their features (dashboard, alerts, users / groups search, etc.).

Editing Permissions

To edit a permission click on next to it, from there you can modify the permission and/or the date frame.

Deleting Permissions

To delete a permission click on next to the permission you want to delete, click Ok on the confirmation popup.

Blocking Rights Inheritance

The rights that are granted or denied in a space are applied to the space's content, including its sub-spaces. You thus have the same rights in the sub-spaces as in the parent space. That is called rights inheritance.

You can block this inheritance. It enables you to block the access of a sub-workspace to the workspace's users, for instance, or to deeply modify the access rights in the sub-workspace.

To block rights inheritance:

  1. Click on the Permissions tab of the space of which you want to the access rights. The Access Rights sub-tab is displayed.
  2. Click on the Block button located under the PERMISSIONS INHERITED FROM UPPER LEVELS table.

    Now only local persmissions applied, any change made on parent document won't affect the access conditions to this document. You and the administrators will be added to local permissions.

  3. You can now grant access rights to specific users.

We'd love to hear your thoughts!

All fields required