A permission is a rule to grant access to a user or set of users to a Nuxeo document. User has a view in the dashboard where he can see the documents on which a permission is set. Managing permissions means granting or denying access permissions in a document or folder.
Some permissions are granted automatically, for example when you create a workflow and grant access to a user on a document for the entire workflow or a particular task.
|Permission||Actions in Workspaces||Actions in Sections|
|Read||Consult content Comment documents Tag documents Collect content Follow content||Consult content Comment documents Tag documents Follow content|
|Edit||Create documents Edit documents Add / remove relations Start a workflow Delete documents + Read actions||Create sections Approve/reject pending publications Unpublish documents Delete sub-sections + Read actions|
|Manage everything||Manage permissions Set alerts to other users Apply a preset look on documents Manage deleted documents Define publication targets + Edit actions + Read actions||Manage permissions Set alerts to other users Apply a preset look on documents Manage deleted documents + Edit actions + Read actions|
|Can ask for publishing||Submit documents for publishing|
To add a permission, at the root of a workspace, a folder or a document, click on the Permission tab > New Permission and fill in the popup form.
The new permission is displayed in the Permissions defined locally part of the screen.
To edit a permission click on next to it, from there you can modify the permission and/or the date frame.
To delete a permission click on
This tab presents two sub-tabs: a Search tab and a Purge tab.
The Search tab will help you to audit permissions in the repository, you can search by user/group, time frame, permissions etc. You can then export search results in an Excel file by clicking the icon .
You can search permissions on the following criteria:
- User / Group: The user(s) or group(s) of which you want to see the permissions.
- Granted by: The user who assigned the permissions.
- Location: The documents or folder hierarchy from which permissions will be searched.
- Right: The permission to be searched for.
- Time Frame: The dates during which the permission is / was effective.
Status: The status of the permission.
- Pending: The permissions is not yet active, the permission time range has not yet been reached.
- Effective: The permission is active.
- Archived: The permission is not active anymore, the permission time range is overdue.
- Policy Name: The ID of the policy name. By default, there are two policy types:
localfor permissions granted locally
routingfor permissions granted by a workflow
The Purge tab will enable admins to delete all the permissions granted to a user or on a section of the repository.
To purge the permission of a user: go to Admin > Permissions > Purge tab, search the user you want and click on Search. The available permissions are displayed, click on Purge to confirm. All the permissions for this user are removed.