Oracle® Content Database Application Administrator's Guide 10g Release 1 (10.2) Part Number B31265-02 |
|
|
View PDF |
This chapter provides conceptual information for Oracle Content DB Site and Container-level administration. This chapter contains the following topics:
A Container is a special kind of folder that can contain other Containers or Libraries. Containers let Oracle Content DB administrators organize the folder hierarchy in a logical way. For example, Containers could be created for geographical regions or by division. Users can see only the Containers to which they have access.
Note: Folders containing more than 1000 documents are slow in opening through WebDAV or the Web Client.To avoid this ensure that there are no more than 1000 Libraries in a single Container, and limit folders that will be opened frequently to contain less than 1000 documents. |
Container Administrators can create, remove, and modify Container properties, such as the name and description.
Only Container Administrators can create and delete Containers. Containers may have default folder configuration settings that are inherited by Libraries created in the Container. In addition, a Container can be configured to allow or to limit Library creation to users and groups with specific privileges. Container Administrators can also enable Library creation requests through a workflow process.
In addition, Containers have Library defaults for categories, workflow, records management, and version creation. By default, these settings are inherited by all Libraries created in the Container. There are no default security settings for Libraries in Containers.
Only a Container Administrator can delete a Container.
Security Administrators can add, remove, or modify administrator and user roles. Only Security Administrators can modify Site and Container roles. They can also manage the roles of Libraries, folders, and files within the Container.
Security Administrators can assign administrative roles to any user in the Site. Each administrative role must be filled by at least one user.
Administration that can be performed only at the Site level is divided into the following roles:
Site Administrator
Provides the ability to grant public access for specific items and Library creation requests for the Site folder.
Role Administrator
Views and modifies permissions associated with default and custom roles; creates custom roles by combining permissions that are available; deletes default and custom roles; hides default and custom roles; adds, removes, and changes the order of the roles that are available to users on the Library, folder, and file levels.
User Administrator
Sets and modifies user preference defaults; searches for all users in a Site; adds and removes members of a group; assigns a group member the Group Manager role; creates and deletes groups; restricts which users can create groups within the Site.
Category Administrator
Creates categories for the Site and define a hierarchy of categories and subcategories available to Site users; can add additional categories anywhere in this hierarchy; and can add or remove attributes for all categories.
Records Management Administrator
Creates, modifies, and deletes file plans; can change content that has been declared a record back to regular content, can freeze record dispositions, close record categories for further filings, and resubmit failed dispositions.
Administration that can be performed at both the Site and Container levels is divided into the following roles:
Quota Administrator
Manages the quota of allocated disk space for Libraries throughout the Site or Container.
Configuration Administrator
Manages all folders and files, as well as configuration settings. Sets the default and actual configuration of Sites, Containers, Libraries, and folders for categories, version creation, workflow processes, and records management.
Library Administrator
Creates and sets the initial configurations and security of Libraries. Can rename and delete libraries, as well as set descriptions. Once the Library is created the Library Administrator cannot update the configuration or security settings.
Container Administrator
Creates and deletes Containers. Enables Library creation requests.
Security Administrator
Manages the security configurations for Sites, Containers, Libraries, folders, and files.
Content Administrator
Manages all Site content; has access to all content in the Site; can unlock files locked by any user; can rename and delete Libraries; and can restore deleted files from the Archive.
In addition to administration roles, the following default roles can be assigned at the Site and Container levels:
Container Viewer
Views Containers and their properties. Can also send a request that a Library be created if the option is enabled.
Library Creator
Views Container properties and can create Libraries, as well as view Container properties and create Libraries for sub Containers.
Security Administrators can assign default and custom roles.
Default roles are sample roles created during the Oracle Content DB installation, and apply to the Site, Container, Library, folder, and file levels. Some default roles can be customized by modifying the permissions.
Custom roles are new roles created by the Role Administrator, and apply to the Library, folder, and file levels.
The following default roles cannot be customized:
Administrator
View the properties of a Library, folder, file, or link
View the content and category information of a file
Add, delete, or modify the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a Library, file, folder, or link
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Add files to a folder
Copy, delete, and move folders and files
Create folders
Add a version for a version-controlled file
Check-in and check-out
Add, delete, or modify the security configuration of a Library, folder, or file
Update and delete Libraries
Add, delete, or modify any configuration category on a folder or file, except for quota
Container Viewer
View Containers and their properties. Can also request for Library creation if the option is enabled.
Discoverer
View the properties of a Library, folder, or file.
Library Creator
View Container properties and can create Libraries.
The following default roles can be customized:
Administrative Assistant
View the properties of a Library, folder, file, or link
Add files to a folder
Create folders
Add, delete, or modify the security configuration of a folder or file
Add, delete, or modify any configuration category on a folder or file, except for quota
Modify security settings
Approver
View the properties of a Library, folder, file, or link
View the content and category information of a file
Add, delete, or modify the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Copy folders and files
Author
View the properties of a Library, folder, or file
View the content and category information of a file
Add, delete, or modify the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Add files to a folder
Copy, delete, and move folders and files
Create folders
Add a version for a version-controlled file
Commentator
View the properties of a Library, folder, or file
View the content and category information of a file
Add, delete, or modify the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Copy folders and files
Content Editor
View the properties of a Library, folder, or file
View the content and category information of a file
Add, delete, or modify the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Add files to a folder
Copy folders and files
Create folders
Add a version for a version-controlled file
Custodian
View the properties of a Library, folder, or file
View the category information of a file
Add, delete, or modify the category information of a file
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Add files to a folder
Copy, delete, and move folders and files
Create folders
Limited Author
View the properties of a Library, folder, or file
View the content and category information of a file
Add, delete, or modify the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Add files to a folder
Create folders
Add a version for a version-controlled file
Copy folders and files
Manager
View the properties of a Library, folder, or file
Add files to a folder
Create folders
Add, delete, or modify the security configuration of a folder or file
Organizer
View the properties of a Library, folder, or file
Add, delete, modify, and view the category information of a file
Update the content of a file that is not version-controlled
Rename and update the properties of a file or folder
Modify the Library, folder, or file to which a link refers
Lock and unlock files
Copy, delete, and move folders and files
Reader
View the properties of a Library, folder, or file
View the content and category information of a file
Copy folders and files
Reviewer
View the properties of a Library, folder, or file
View the content and category information of a file
Copy folders and files
Libraries are the first level in the Oracle Content DB folder hierarchy where content is added. Members must be added to a Library, and a Library is visible only to Site and Container level administrators and members of the Library.
Library Administrators can create and delete Libraries, but they cannot change the configuration settings of the Library after it has been created. Library Administrators can also move Libraries if they have Container Administrator privileges in the target Site or Container. In addition, Library Administrators can rename and set Library descriptions.
Configuration Administrators set all the default actions for Libraries, including version creation, categories, workflow, and records management. They can also modify any existing Library or folder settings to which they have access. Configuration Administrators set all the defaults for folders and documents within a Library.
Oracle Content DB provides auditing support through Web Services.
Configuration Administrators can specify the audit events that should be captured for global audit histories and object audit histories. In addition, they can specify the disposition rules for each audit history, as well as query against any audit history by specifying criteria from the primary audit event information.
See Oracle Content Database Web Services Java API Reference (Javadoc) for more information.
An Oracle Content DB workflow process defines a set of operations to be executed before or after a particular workflow-enabled action occurs.
A workflow process is triggered as soon as a workflow operation occurs in the target (destination) folder. For example, if the Delete operation is controlled by a workflow process, the workflow process starts automatically when a user deletes an item in the folder.
Oracle Content DB uses Oracle Workflow to manage workflow processes. Oracle Workflow is configured and integrated with Oracle Content DB during Oracle Content DB configuration.
Oracle Content DB comes with two default workflow processes:
Parallel vote: All approvers review the submitted files or request at the same time. The number of approvals or rejections for a completed approval or rejection is set in the Workflow tab of the folder or Library Properties window.
Serial approval: Each approver reviews the submitted files or request in turn, one approver at a time. All reviewers must approve the request to complete the approval process; a single rejection ends the review process, and results in the request being rejected.
Custom workflows can be created in Oracle BPEL Process Manager, an Oracle product that provides a framework for designing, deploying, monitoring, and administering processes based on BPEL standards. Custom workflows are only available to the default Site in Oracle Content DB; additional Sites cannot use custom workflows.
Custom workflows can be blocking or nonblocking. A blocking workflow is one that requires an action for it to complete. For example, you can create a blocking workflow to handle document approval for publication: action on the part of the approvers is required before a document is published. An example of a nonblocking workflow is one that handles sending out notifications for published documents; in this case, a document can be published without waiting for the notifications to be sent.
Configuration Administrators can set the following default actions for a Library:
Version creation
Set the version model (Automatic, Manual, or No Versioning)
Set the maximum number of versions to retain
Enable automatic version labeling and select label format
Disallow version model selections to be modified
Categories
Select which categories are available
Select defaults for all categories available in the system, such as whether a category must be associated with all content, or whether a particular attribute should be required
Disallow category selections to be modified
Workflow process
Select which operations are controlled by workflow processes
Select the workflow process used to control each workflow-controlled operation
Specify if a workflow requires approval
Add and remove approvers
Enable automatic approval of requests sent by approvers
Set the number of approvals required to approve
Set the number of rejections required to reject
Disallow workflow selections to be modified
Records Management
Select the record category to enforce on all content
Disallow Records Management selections to be modified
Content Administrators manage all content within a Site. They have access to and can perform various file operations on all Site content. Content Administrators have access to all Libraries, with all permissions except for the ability to set or configure security. Content Administrators can delete Libraries, as well as manage the Archive, and can perform various operations on files within the Archive.
In addition, Content Administrators can view properties of a Site or Container, depending on whether or not they have Site-level or Container-level access.
Content Administrators manage and have access to all content in a Site. Content Administrators can perform the following file operations:
Lock and unlock files
Set and view content
Set and view categories
Add version-controlled files
Delete Libraries
Create, copy, and delete folders and files
Modify Library, folder, and file names and descriptions
Move files to and from various folders within a Site
Content Administrators can also set virus scanning to detect and repair infected files.
Quota is the measurement of storage usage in Oracle Content Database. Each Library is allocated a quota by the Quota Administrator. The contents of each Library and Trash folder count against the Library's allocated quota. When the Library's quota is exceeded, Library members cannot store additional content in the Library.
The Quota Administrator can modify the quota of any Library. Approving a quota request automatically changes the quota for the Library.
Quota Administrators can view and change quota through the Library Properties page. Quota Administrators can also browse or search for a Library by name. The Quota Administrator can view the allocated and used quota and change the allocated quota for any Library.
Quota Administrators can view files, folders, and the configuration of all Libraries, but they do not have access to the content.
Quota is also allocated and tracked at the Site level. Site quota is managed by the system administrator.
Quota Administrators manage all the quota within a Site, and can perform the following tasks:
Search for Libraries within a Site
View the consumed quota for a Site
Assign the default quota for all newly created Libraries within a Site
Approve requests for additional Library quota
Modify allocated Library quota
In addition to administration roles, there are two additional roles that can be assigned at the Site and Container levels: Container Viewer and Library Creator.
Container Viewers can view Containers and their properties. All users are assigned the Container Viewer role on the Site folder.
Library Creators can view Container properties and can create Libraries at the Site or Container level.
These roles can be accessed without being in Administration Mode.