A default secured repository /atg/epub/file/SecuredPublishingFileRepository
is configured on top of the PublishingFileRepository, which lets you set item descriptor-level and item-level security on the PublishingFileRepository.
You must modify the secured repository definition of the SecuredPublishingFileRepository
in order to support the new item types ftpTextFileAsset
and ftpBinaryFileAsset
described earlier. To do so:
Modify the repository definition by layering on a new definition file.
Place the new file in the
config
directory of your versioned module at/atg/epub/file/publishingFileSecurity.xml
.
At this stage in the setup process, it is unlikely you modified publishingFileSecurity.xml
. If so, define the item descriptor-level security for the new item types as it is defined for all existing item types. This sets up the proper access rights for the ATG Content Administration roles that are provided by default.
In the case of the FTPFileSystem
example, the new secured definition file to layer on looks like this:
<item-descriptor name="ftpTextFileAsset"> <acl-property name="acl"/> <descriptor-acl value="Profile$role$epubSuperAdmin:read,write,create, delete;Profile$role$epubAdmin:read,write,create,delete;Profile$role$epubUs er:read;Admin$role$administrators-group:read,write,create,delete; Admin$role$everyone-group:read"/> </item-descriptor> <item-descriptor name="ftpBinaryFileAsset"> <acl-property name="acl"/> <descriptor-acl value="Profile$role$epubSuperAdmin:read,write,create, delete;Profile$role$epubAdmin:read,write,create, delete;Profile$role$epubUser:read;Admin$role$administrators- group:read,write,create,delete;Admin$role$everyone-group:read"/> </item-descriptor>
Later in the development process, you can create the principals—for example, roles, and organizations—required for your content development environment, and modify the security of the SecuredPublishingFileRepository accordingly. For more about security, see the chapter Managing User Access and Security.