matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge commit '76b740786a7fac82b29afa007b55076e58ce93de' into hotfix/v0.12.3

Browse Source
This commit is contained in:
Roberto Rosario
2012-07-09 13:37:14 -04:00
parent 615987366f 76b740786a
commit 7cdd5d4d1b
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/topics/permissions.rst
View File

@@ -44,3 +44,22 @@ displayed to avoid providing any information that could be used to sidetrack
the permission system or obtain any kind of information about the object
from which the user was not allowed access.
Default Access Control Lists (Default ACLs)
-------------------------------------------
**Mayan EDMS** allows assigment of permissions to Users to access objects after their instantiation from the class. This is implemented with so called Access Control List. The document ``Payroll`` is example of instance of class ``Documents``. A user can be granted with access to only one instance of the class ``Documents`` - the document ``Payroll``.
Along with Access Control Lists there are Default Access Control Lists.They provide additional functionality. It allows assigment of permissions to Users directly to the class before the instantiation. It will be explained with the following example:
**Example 1.** Each user can access only the documents that he uploads
This example will show how to restrict a user in order not to view documents uploaded by other users. The user will view only the documents that he uploades. It will work only for documents that are uploaded after the activation of the restriction. It will not work for documents prior to the activation of the restriction.
Follow the steps:
1. Enter **Mayan EDMS** with user that has administrative rights.
2. Go to Setup menu. Enter Default ACLs submenu.
3. Click ``New holder`` next to the class Documents. From the list of users choose the special user Creator. Give the permission ``View Documents`` to the Creator.
4. Go back to Setup menu. Go to Users and create the users ``Pedro`` and ``Sancho``.
5. Go back to Setup menu. Go to Groups and create the group ``Employees``. Click to members of the groups and add ``Pedro`` and ``Sancho`` to that group.
6. Go back to Setup menu. Go to Roles submenu. Create the role Uploaders. Give the permission Create documents to the role. Add the group ``Employess`` as a member to that role.
7. Now enter **Mayan EDMS** with ``Pedro`` and ``Sancho`` one after another and upload documents. Pedro should not see the documents that ``Sancho`` uploaded and vice versa. He should see only documents uploaded by himself.