Skip Headers
Oracle® Content Database Application Administrator's Guide
10g Release 1 (10.2)

Part Number B31265-02
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

3 Oracle Content DB Site-Level and Container-Level Administration

This chapter provides conceptual information for Oracle Content DB Site and Container-level administration. This chapter contains the following topics:

Oracle Content DB Container Administration

A Container is a special kind of folder that can contain other Containers or Libraries. Containers let Oracle Content DB administrators organize the folder hierarchy in a logical way. For example, Containers could be created for geographical regions or by division. Users can see only the Containers to which they have access.


Note:

Folders containing more than 1000 documents are slow in opening through WebDAV or the Web Client.

To avoid this ensure that there are no more than 1000 Libraries in a single Container, and limit folders that will be opened frequently to contain less than 1000 documents.


Managing Oracle Content DB Containers

Container Administrators can create, remove, and modify Container properties, such as the name and description.

Only Container Administrators can create and delete Containers. Containers may have default folder configuration settings that are inherited by Libraries created in the Container. In addition, a Container can be configured to allow or to limit Library creation to users and groups with specific privileges. Container Administrators can also enable Library creation requests through a workflow process.

In addition, Containers have Library defaults for categories, workflow, records management, and version creation. By default, these settings are inherited by all Libraries created in the Container. There are no default security settings for Libraries in Containers.

Only a Container Administrator can delete a Container.

Oracle Content DB Security Administration

Security Administrators can add, remove, or modify administrator and user roles. Only Security Administrators can modify Site and Container roles. They can also manage the roles of Libraries, folders, and files within the Container.

Managing Oracle Content DB Administrator Roles

Security Administrators can assign administrative roles to any user in the Site. Each administrative role must be filled by at least one user.

Administration that can be performed only at the Site level is divided into the following roles:

  • Site Administrator

    Provides the ability to grant public access for specific items and Library creation requests for the Site folder.

  • Role Administrator

    Views and modifies permissions associated with default and custom roles; creates custom roles by combining permissions that are available; deletes default and custom roles; hides default and custom roles; adds, removes, and changes the order of the roles that are available to users on the Library, folder, and file levels.

  • User Administrator

    Sets and modifies user preference defaults; searches for all users in a Site; adds and removes members of a group; assigns a group member the Group Manager role; creates and deletes groups; restricts which users can create groups within the Site.

  • Category Administrator

    Creates categories for the Site and define a hierarchy of categories and subcategories available to Site users; can add additional categories anywhere in this hierarchy; and can add or remove attributes for all categories.

  • Records Management Administrator

    Creates, modifies, and deletes file plans; can change content that has been declared a record back to regular content, can freeze record dispositions, close record categories for further filings, and resubmit failed dispositions.

Administration that can be performed at both the Site and Container levels is divided into the following roles:

  • Quota Administrator

    Manages the quota of allocated disk space for Libraries throughout the Site or Container.

  • Configuration Administrator

    Manages all folders and files, as well as configuration settings. Sets the default and actual configuration of Sites, Containers, Libraries, and folders for categories, version creation, workflow processes, and records management.

  • Library Administrator

    Creates and sets the initial configurations and security of Libraries. Can rename and delete libraries, as well as set descriptions. Once the Library is created the Library Administrator cannot update the configuration or security settings.

  • Container Administrator

    Creates and deletes Containers. Enables Library creation requests.

  • Security Administrator

    Manages the security configurations for Sites, Containers, Libraries, folders, and files.

  • Content Administrator

    Manages all Site content; has access to all content in the Site; can unlock files locked by any user; can rename and delete Libraries; and can restore deleted files from the Archive.

In addition to administration roles, the following default roles can be assigned at the Site and Container levels:

  • Container Viewer

    Views Containers and their properties. Can also send a request that a Library be created if the option is enabled.

  • Library Creator

    Views Container properties and can create Libraries, as well as view Container properties and create Libraries for sub Containers.

Managing Oracle Content DB User Roles

Security Administrators can assign default and custom roles.

Default roles are sample roles created during the Oracle Content DB installation, and apply to the Site, Container, Library, folder, and file levels. Some default roles can be customized by modifying the permissions.

Custom roles are new roles created by the Role Administrator, and apply to the Library, folder, and file levels.

The following default roles cannot be customized:

  • Administrator

    • View the properties of a Library, folder, file, or link

    • View the content and category information of a file

    • Add, delete, or modify the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a Library, file, folder, or link

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Add files to a folder

    • Copy, delete, and move folders and files

    • Create folders

    • Add a version for a version-controlled file

    • Check-in and check-out

    • Add, delete, or modify the security configuration of a Library, folder, or file

    • Update and delete Libraries

    • Add, delete, or modify any configuration category on a folder or file, except for quota

  • Container Viewer

    View Containers and their properties. Can also request for Library creation if the option is enabled.

  • Discoverer

    View the properties of a Library, folder, or file.

  • Library Creator

    View Container properties and can create Libraries.

The following default roles can be customized:

  • Administrative Assistant

    • View the properties of a Library, folder, file, or link

    • Add files to a folder

    • Create folders

    • Add, delete, or modify the security configuration of a folder or file

    • Add, delete, or modify any configuration category on a folder or file, except for quota

    • Modify security settings

  • Approver

    • View the properties of a Library, folder, file, or link

    • View the content and category information of a file

    • Add, delete, or modify the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Copy folders and files

  • Author

    • View the properties of a Library, folder, or file

    • View the content and category information of a file

    • Add, delete, or modify the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Add files to a folder

    • Copy, delete, and move folders and files

    • Create folders

    • Add a version for a version-controlled file

  • Commentator

    • View the properties of a Library, folder, or file

    • View the content and category information of a file

    • Add, delete, or modify the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Copy folders and files

  • Content Editor

    • View the properties of a Library, folder, or file

    • View the content and category information of a file

    • Add, delete, or modify the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Add files to a folder

    • Copy folders and files

    • Create folders

    • Add a version for a version-controlled file

  • Custodian

    • View the properties of a Library, folder, or file

    • View the category information of a file

    • Add, delete, or modify the category information of a file

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Add files to a folder

    • Copy, delete, and move folders and files

    • Create folders

  • Limited Author

    • View the properties of a Library, folder, or file

    • View the content and category information of a file

    • Add, delete, or modify the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Add files to a folder

    • Create folders

    • Add a version for a version-controlled file

    • Copy folders and files

  • Manager

    • View the properties of a Library, folder, or file

    • Add files to a folder

    • Create folders

    • Add, delete, or modify the security configuration of a folder or file

  • Organizer

    • View the properties of a Library, folder, or file

    • Add, delete, modify, and view the category information of a file

    • Update the content of a file that is not version-controlled

    • Rename and update the properties of a file or folder

    • Modify the Library, folder, or file to which a link refers

    • Lock and unlock files

    • Copy, delete, and move folders and files

  • Reader

    • View the properties of a Library, folder, or file

    • View the content and category information of a file

    • Copy folders and files

  • Reviewer

    • View the properties of a Library, folder, or file

    • View the content and category information of a file

    • Copy folders and files

Oracle Content DB Library Administration

Libraries are the first level in the Oracle Content DB folder hierarchy where content is added. Members must be added to a Library, and a Library is visible only to Site and Container level administrators and members of the Library.

Library Administrators can create and delete Libraries, but they cannot change the configuration settings of the Library after it has been created. Library Administrators can also move Libraries if they have Container Administrator privileges in the target Site or Container. In addition, Library Administrators can rename and set Library descriptions.

Oracle Content DB Configuration Administration

Configuration Administrators set all the default actions for Libraries, including version creation, categories, workflow, and records management. They can also modify any existing Library or folder settings to which they have access. Configuration Administrators set all the defaults for folders and documents within a Library.

Managing Auditing Tasks

Oracle Content DB provides auditing support through Web Services.

Configuration Administrators can specify the audit events that should be captured for global audit histories and object audit histories. In addition, they can specify the disposition rules for each audit history, as well as query against any audit history by specifying criteria from the primary audit event information.

See Oracle Content Database Web Services Java API Reference (Javadoc) for more information.

Managing Workflow Processes

An Oracle Content DB workflow process defines a set of operations to be executed before or after a particular workflow-enabled action occurs.

A workflow process is triggered as soon as a workflow operation occurs in the target (destination) folder. For example, if the Delete operation is controlled by a workflow process, the workflow process starts automatically when a user deletes an item in the folder.

Oracle Content DB uses Oracle Workflow to manage workflow processes. Oracle Workflow is configured and integrated with Oracle Content DB during Oracle Content DB configuration.

Oracle Content DB comes with two default workflow processes:

  • Parallel vote: All approvers review the submitted files or request at the same time. The number of approvals or rejections for a completed approval or rejection is set in the Workflow tab of the folder or Library Properties window.

  • Serial approval: Each approver reviews the submitted files or request in turn, one approver at a time. All reviewers must approve the request to complete the approval process; a single rejection ends the review process, and results in the request being rejected.

Custom workflows can be created in Oracle BPEL Process Manager, an Oracle product that provides a framework for designing, deploying, monitoring, and administering processes based on BPEL standards. Custom workflows are only available to the default Site in Oracle Content DB; additional Sites cannot use custom workflows.

Custom workflows can be blocking or nonblocking. A blocking workflow is one that requires an action for it to complete. For example, you can create a blocking workflow to handle document approval for publication: action on the part of the approvers is required before a document is published. An example of a nonblocking workflow is one that handles sending out notifications for published documents; in this case, a document can be published without waiting for the notifications to be sent.

Setting Oracle Content DB Library Defaults

Configuration Administrators can set the following default actions for a Library:

  • Version creation

    • Set the version model (Automatic, Manual, or No Versioning)

    • Set the maximum number of versions to retain

    • Enable automatic version labeling and select label format

    • Disallow version model selections to be modified

  • Categories

    • Select which categories are available

    • Select defaults for all categories available in the system, such as whether a category must be associated with all content, or whether a particular attribute should be required

    • Disallow category selections to be modified

  • Workflow process

    • Select which operations are controlled by workflow processes

    • Select the workflow process used to control each workflow-controlled operation

    • Specify if a workflow requires approval

    • Add and remove approvers

    • Enable automatic approval of requests sent by approvers

    • Set the number of approvals required to approve

    • Set the number of rejections required to reject

    • Disallow workflow selections to be modified

  • Records Management

    • Select the record category to enforce on all content

    • Disallow Records Management selections to be modified

Oracle Content DB Content Administration

Content Administrators manage all content within a Site. They have access to and can perform various file operations on all Site content. Content Administrators have access to all Libraries, with all permissions except for the ability to set or configure security. Content Administrators can delete Libraries, as well as manage the Archive, and can perform various operations on files within the Archive.

In addition, Content Administrators can view properties of a Site or Container, depending on whether or not they have Site-level or Container-level access.

Managing Oracle Content DB Content

Content Administrators manage and have access to all content in a Site. Content Administrators can perform the following file operations:

  • Lock and unlock files

  • Set and view content

  • Set and view categories

  • Add version-controlled files

  • Delete Libraries

  • Create, copy, and delete folders and files

  • Modify Library, folder, and file names and descriptions

  • Move files to and from various folders within a Site

Content Administrators can also set virus scanning to detect and repair infected files.

Managing the Oracle Content DB Archive

Content Administrators manage and have access to all content within the Archive. In addition, Content Administrators can restore and remove files from the Archive. However, Content Administrators cannot change the security settings of content in the Archive.

Oracle Content DB Quota Administration

Quota is the measurement of storage usage in Oracle Content Database. Each Library is allocated a quota by the Quota Administrator. The contents of each Library and Trash folder count against the Library's allocated quota. When the Library's quota is exceeded, Library members cannot store additional content in the Library.

The Quota Administrator can modify the quota of any Library. Approving a quota request automatically changes the quota for the Library.

Quota Administrators can view and change quota through the Library Properties page. Quota Administrators can also browse or search for a Library by name. The Quota Administrator can view the allocated and used quota and change the allocated quota for any Library.

Quota Administrators can view files, folders, and the configuration of all Libraries, but they do not have access to the content.

Quota is also allocated and tracked at the Site level. Site quota is managed by the system administrator.

Managing Oracle Content DB Library Quota

Quota Administrators manage all the quota within a Site, and can perform the following tasks:

  • Search for Libraries within a Site

  • View the consumed quota for a Site

  • Assign the default quota for all newly created Libraries within a Site

  • Approve requests for additional Library quota

  • Modify allocated Library quota

Other Oracle Content DB Roles

In addition to administration roles, there are two additional roles that can be assigned at the Site and Container levels: Container Viewer and Library Creator.

Container Viewers can view Containers and their properties. All users are assigned the Container Viewer role on the Site folder.

Library Creators can view Container properties and can create Libraries at the Site or Container level.

These roles can be accessed without being in Administration Mode.