<!ELEMENT creation-base-acl (#PCDATA)>

Parent: <item-descriptor>, <property>

The creation-base-acl tag defines an ACL fragment that is inserted into the default ACL for a newly created repository item or property. Typically this defines global access rights for administrators and limited access rights for the user base as a whole. This ACL fragment can contain any access right that applies to a repository item or property.

Example

The following example gives all access rights to the administrators group, but only read and list rights to everyone else:

<creation-base-acl value="Admin$role$administrators-group:
    read,write,list,destroy,read_owner,write_owner,read_acl,write_acl;
    Admin$role$everyone-group:read,list;"/>