The SecuredPublishingFileRepository
uses a custom security policy that determines user access to a content item as follows
Checks the ACL for the given item.
If the item’s
acl
property is null or empty, checks the ACL for its parent folder:If set, the parent folder’s ACL is used to determine user access to the child item.
If null or empty, the system walks up the folder hierarchy until a folder with a defined ACL is found.
By default, ATG Content Administration defines an ACL for the repository’s root folder; the ACL is defined as follows:
Principal | Access Privileges |
---|---|
ATG Content Administration roles: ACC groups: | List |
ATG Content Administration roles: ACC groups: | List |
Configuring the security of the PublishingFileRepository
is similar to configuring security for any other VersionRepository
that stores your application’s assets. You can configure the following assets: