test

Sun WorkShop TeamWare 2.1 User's Guide

Controlling Access to Workspaces

Configuring permits you to control the access that users have to your workspaces. Table 7-2 lists and describes the eight types of access over which you can exercise control.

Table 7-2 Operations Over Which You Have Access Control

Type of Access 

Description 

bringover-from 

Controls which users may bring over files from this workspace

bringover-to 

Controls which users may bring over files to this workspace

putback-from 

Controls which users may put back files from this workspace

putback-to 

Controls which users may put back files to this workspace

undo 

Controls which users may "undo" commands executed in this workspace 

workspace-delete 

Controls which users may delete this workspace 

workspace-move 

Controls which users may move this workspace 

workspace-reparent 

Controls which users may reparent this workspace 

workspace-reparent-to 

Controls which users may reparent other workspaces to this workspace 

Prior to taking any of the actions listed above, Configuring consults a file in the Codemgr_wsdata subdirectory named access_control to determine whether the user taking the action has access permission to the workspace for that purpose. The access_control file is a text file that contains a list of the eight operations and corresponding values that stipulate who is permitted to perform those operations. The access_control file is automatically created at the time the workspace is created and is owned by the creator of the workspace.

To view and change access permissions, choose Options > Workspace, then use the Category list box to choose the Access Control pane of the Workspace Properties dialog box (see "Viewing and Changing Access Control Values").

Table 7-3 shows the default contents of access_control after you create a workspace:

Table 7-3 Default Access Control Permissions

Operation 

Permissions 

bringover-from 

 

bringover-to 

creator 

putback-from 

 

putback-to 

 

undo 

 

workspace-delete 

creator 

workspace-move 

creator 

workspace-reparent 

creator 

workspace-reparent-to 

 

Note -

Creator permission indicates that Creator's login name appears.

You can express which users have or do not have access to a workspace in a number of ways. Table 7-4 shows all of the value types you can specify to control access to your workspaces and what the entries mean.

Table 7-4 Workspace Access Control Values

Value 

Meaning 

@engineering 

All users in the net group named engineering can execute this operation

-@engineering 

No users from the net group named engineering can execute this operation. Note that "-" denotes negation.

@special -user2 @engineering 

All users in the net groups special and engineering can execute the operation; user2 cannot (unless user2 is in the special netgroup). "-" denotes negation.

user1 user2 

The users user1 and user2 can execute the operation.

"-" 

No user can execute the operation. 

creator 

Only the user who created the workspace can execute the operation. Note that the creator's login name actually appears. 

(no entry)

Any user may execute the operation. 

Note -

If a user is listed as having both access permission and restriction, the first reference is used.

Note -

Performance may degrade when net groups are included in the access control file. The time required to look up group membership can add several seconds to the execution of a given operation.

Viewing and Changing Access Control Values

You can view and change the access control status of a workspace using the Workspace Properties dialog box.

Viewing Access Control Status

To view the access control status of a workspace:

  1. Select a workspace icon in the Workspace Graph pane.

  2. Choose Options > Workspace.

  3. Select Access Control from the Categories list box.

Changing Access Control Values

To change the access control status of a workspace:

  1. Select a workspace icon in the base window Workspace Graph pane.

  2. Choose Options > Workspace.

  3. Select Access Control from the Categories list box.

  4. Select an access line in the global Access Control list, then click Edit to open the Access Control Properties dialog box.

    The operation you selected before clicking Edit is automatically selected for you in the Operation list box.

    Or, use the Operation list box in the Access Control Properties dialog box to select an operation type.

  5. Select the radio button for the type of permission you wish to allow:

    • None--No users have permission

    • All--All users have permission

    • Specify--Use the Permissions list to construct a list of users and netgroups that are to be granted or denied permission

  6. If you choose to specify individual and/or group permissions, construct your entry using:

    • The Name text box to type the name of the user or netgroup

    • The Type radio buttons to specify whether the entry is a user or a netgroup

    • The Access buttons to specify whether the specified user/netgroup is granted or denied permission

  7. Click Insert Before or Insert After to add your entry into the Permissions list.

  8. Click Apply to enter your selection into the global Access Control list.

  9. In the Workspace Properties dialog box, click Apply to write the changes to the access_control file.