| Access List |
An object's Access Control List defines the permission settings on that object. Permissions are assigned according to three predefined roles: - Reader A reader has permission to read the contents of the object and its associated properties (e.g., title, summary, etc.). For files, this means permission to open the file and read it in the browser or native application, as appropriate. No editing of any kind is allowed.
- Writer A writer has permission to edit an object's content and its associated properties (e.g., title, summary, etc.). For files, this means permission to add new versions. A writer cannot edit permissions or delete. Read and write permissions are independent. One could in principle grant write access and forbid read access.
- Manager A manager has full read/write permission. In addition, a manager can edit the object's permission settings (its access control list) and delete the object.
An object's owner has manager-level access. The owner is by default the user who originally created the and can only be changed by the current owner via the Change Owner command. Access Control List members may be registered users and groups. The special user named Anyone represents any visitor to the site, logged in or not. |