This chapter describes how to secure Pages functionality and objects through roles granted at the AquaLogic Pages application level and at the individual Space level.
AquaLogic Pages Roles
AquaLogic Pages roles control overall access to Pages:
Table 7-1 AquaLogic Pages Roles
Role
Description
Administrators
Allows members access to all areas in Pages and full control of all objects in Pages. Administrators are granted the Administrator Space role on all Spaces. To learn about Space roles, see Space Roles.
Space Creators
Allows members to create new Spaces. Space Creators see the Create a Blank Space link in the Dashboard.
Personal Space Creators
Allows members to create a personal blog Space.
Note:
You can enable/disable personal blogs through the Pages: Personal Blog section in the Configuration Manager.
Space roles control access to individual Spaces and the objects associated with those Spaces. Pages Administrators are assigned the Administrator role for all Spaces by default. Your system administrator can change the default role assignments, but the default role assignments cannot be changed in the Space Editor. For information on changing the default role assignments, see Changing the Default Role Assignments.
Note:
The following privileges are additive, meaning that the Reader role includes the privileges granted to the Guest role as well as additional privileges.
Table 7-2 Space Roles
Role
Privileges
Guest
View the Space or list and all associated objects in the Dashboard, in the Organizer, and in page view
Reader
Add comments to and reply to comments on the Space or list and all associated objects
Note:
Comments can be edited only by the user that wrote the comment or the Administrator. Comments can be deleted only by the user that wrote the comment, the user that created the object with which the comment is associated, or the Administrator.
Creator
Create pages in the Space or records in the list
Delete comments associated with objects they create
Edit or delete any object they create
Edit or delete objects associated with objects they create For example, if a user creates a record and another user adds an image to the record, the user that created the record could edit or delete the image.
Note:
Editing includes: attaching, reverting, and deleting attachments; adding components; and reverting to a previous version of the page view.
Publisher
Edit any object associated with the Space or list (not the Space or list itself)
Note:
Editing includes: attaching, reverting, and deleting attachments; adding components; and reverting to a previous version of the page view.
Editor
Delete any object associated with the Space or list (including previous versions of page views, but not the Space or list itself)
Administrator
Full control of the Space or list and all associated objects
Edit or delete comments associated with the Space or list or comments associated with any associated objects
Edit or delete the Space or list
Note:
Editing includes: attaching, reverting, and deleting attachments; adding components; and reverting to a previous version of the page view.
Changing the Default Role Assignments
You can change the Spaces roles that are automatically granted access to new Spaces. To do so, add or remove users from install_dir\security-templates\live-spaces\default.xml (for example, C:\bea\alui\pages\2.0\security-templates\live-spaces\default.xml).
Managing AquaLogic Pages Role Assignments
The Administration page in Pages enables you to manage the users and groups that can access AquaLogic Pages and the privileges that they have.
There are different tabs to manage the members in each AquaLogic Pages role:
Administrators can access to all areas in Pages and full control of all objects in Pages. Administrators are granted the Administrator Space role on all Spaces.
Space Creators can create new Spaces. Space Creators see the Create a Blank Space link in the Dashboard.
Personal Space Creators can create a personal blog Space.
You add and remove users and groups on each tab to manage the members in each role.
For more information on the Administrator page and managing AquaLogic Pages role assignments, see the online help.