The /atg/epub/file/PublishingFileRepository is the versioned content repository that stores your application’s file asset metadata. ATG Content Administration is configured to access the PublishingFileRepository through a Secured Repository Adapter instance, /atg/epub/file/SecuredPublishingFileRepository, which is configured on top of the PublishingFileRepository.
By default, the security for all PublishingFileRepository item descriptors is defined as follows:
Principal | Access Privileges |
|---|---|
ATG Content Administration roles: EPub-Super-Admin, EPub-Admin, EPub-Manager, EPub-User ACC groups: administrators-group | Read, Write, Create, Delete |
ACC groups: everyone-group | Read |
You can examine the secured repository definition file at this location:
<ATG2007.3dir>/Publishing/base/config/atg/epub/file/publishingFileSecurity.xml
You can also access it in the Dynamo Administration Component Browser, using the URL appropriate. For example, the default URL for JBoss is:
http://hostname:8080/dyn/admin/nucleus/atg/epub/SecuredPublishingRepository/?propertyName=configurationFile
When determining user access to a content item, the SecuredPublishingFileRepository uses a custom security policy that first checks the ACL for the given item. If the item’s acl property is null or empty, it checks the ACL for its parent, which is a folder. If set, the parent folder’s ACL is used to determine user access to the child item. If null or empty, the system walks up the folder hierarchy until a folder with a defined ACL is found. By default, ATG Content Administration defines an ACL for the repository’s root folder; the ACL is defined as follows:
Principal | Access Privileges |
|---|---|
ATG Content Administration roles: EPub-Super-Admin, EPub-Admin, EPub-Manager ACC groups: | List, Read, Write, Destroy, Read_ACL, Write_ACL |
ATG Content Administration roles: ACC groups: | List, Read |
Configuring the security of the PublishingFileRepository is similar to configuring security for any other VersionRepository that stores your application’s assets. You can configure the following assets:
