Configure permissions for a collection

Collection permissions determine users and groups permissions for the documents in a collection.

IXIASOFT recommends that you set up default permissions for new collections through the repository, and then customize permissions on a collection-by-collection basis if necessary. The procedure below applies to both cases.

There are three types of collection permissions, as shown in the following table:

Table 1. Permissions for collections tasks
Permissions Available Tasks
Read only
  • View inherited permissions
  • View permissions
  • View documents
Write only (read is implicit) All of the above, plus:
  • Copy a collection
  • Copy a document
  • Create a collection
  • Lock (check-out) a collection
  • Lock (check-out) a document
  • Lock or unlock a list of documents through the API
  • Move a collection
  • Move a document
  • Remove a collection
  • Remove a document
  • Remove a document version
  • Modify (set) a document
  • Unlock a collection
  • Unlock documents
  • Rename collection/document
User administration
  • View inherited permissions
  • View permissions
  • Configure (set) permissions
By default:
  • Users and groups that were assigned Document Base Administrator and Server Administrator permissions have read, write, and user administration permissions at the repository and collection levels.
  • Users and groups that were assigned Document Base User and Server User permissions have read and write permissions at the repository and collection levels.

You can customize these permissions using the procedure below.

When you assign permissions at the repository and collection levels, these permissions become restrictive, meaning that all other inherited permissions assigned for this repository or collection are automatically removed.

For example, consider that DocBase A has a Repository with three collections: Collection A, Collection B, and Collection C. Collections A and B contain user documents and Collection C contains system documents that can only be modified by a specific user (User1). Group A, which contains three users (User1, User2, User3), has Document Base User permissions on DocBase A, which means that, by default, every user in this group has read and write access to the repository and collections of DocBase A.

To restrict access to Collection C to User1 only, you assign read and write permissions to User1 at the Collection level. Since collection permissions are restrictive, User2 and User 3 no longer have Read and Write access to Collection C.

To configure collection permissions for a group or a user:

  1. Open the Administration Console and connect to a server and a docbase.
  2. Expand the docbase node to display its collections.
  3. Do one of the following:
    • To configure default permissions for new collections, right-click the Repository.
    • To configure permissions for a specific collection, right-click the collection.
  4. Select Configure Properties from the menu.
    The Configure properties window appears. You must have Document Base Administrator permissions, otherwise you will not be able to modify the repository/collection properties.

    Figure: Collection Permissions pane



    The Name list displays the users and groups for whom collection permissions have been configured.
  5. To add a user or a group, click Add.
    The user or group that you add must already have Document Base User or Document Base Administrator permissions.
  6. Beside Domain, enter the domain name for the user or group.
    For a local group or user, enter .\.
  7. Beside User or Group Name, enter the name of the user or group.
  8. To configure the permissions, select a name in the Name list.
  9. Do one of the following:
    • If you are setting up default settings for a repository, go to Step 10.
    • If you are setting up custom settings for a collection, go to Step 11.
  10. For a repository:
    1. Select the desired check boxes (Read, Write, User Administration) to control the default permissions for collections added to the repository.
    2. Select Apply permissions to child collections.
    Only the users and groups specified in the Name list now have access to the collection/repository selected.
  11. For a collection:
    1. Select the desired check boxes (Read, Write, User Administration) to customize the permissions for the collection.
      Only the users and groups specified in the Name list now have access to the collection/repository selected.
    2. To apply these same settings to sub-collections added in the same folder, select Apply permissions to child collections.
    Tip: If the collection was set up before the repository settings were configured, it will not automatically inherit the default settings. However, you may select Inherit permissions from parent collection to apply the default settings.
  12. Repeat from Step 5 to configure permissions for additional users and groups.
  13. When you are done, click OK.
    The permissions settings you configured are applied to the repository or collection.