A default secured repository /atg/epub/file/SecuredPublishingFileRepository is configured on top of the PublishingFileRepository, which lets you set item descriptor-level and item-level security on the PublishingFileRepository.
You must modify the secured repository definition of the SecuredPublishingFileRepository in order to support the new item types ftpTextFileAsset and ftpBinaryFileAsset described earlier. To do so:
Modify the repository definition by layering on a new definition file.
Place the new file in the
configdirectory of your versioned module at/atg/epub/file/publishingFileSecurity.xml.
At this stage in the setup process, it is unlikely you modified publishingFileSecurity.xml. If so, define the item descriptor-level security for the new item types as it is defined for all existing item types. This sets up the proper access rights for the ATG Content Administration roles that are provided by default.
In the case of the FTPFileSystem example, the new secured definition file to layer on looks like this:
<item-descriptor name="ftpTextFileAsset"> <acl-property name="acl"/> <descriptor-acl value="Profile$role$epubSuperAdmin:read,write,create, delete;Profile$role$epubAdmin:read,write,create,delete;Profile$role$epubUs er:read;Admin$role$administrators-group:read,write,create,delete; Admin$role$everyone-group:read"/> </item-descriptor> <item-descriptor name="ftpBinaryFileAsset"> <acl-property name="acl"/> <descriptor-acl value="Profile$role$epubSuperAdmin:read,write,create, delete;Profile$role$epubAdmin:read,write,create, delete;Profile$role$epubUser:read;Admin$role$administrators- group:read,write,create,delete;Admin$role$everyone-group:read"/> </item-descriptor>
Later in the development process, you can create the principals—for example, roles, and organizations—required for your content development environment, and modify the security of the SecuredPublishingFileRepository accordingly. For more about security, see the chapter Managing User Access and Security.
