Secured repositories provide the following control features:
Feature | Description |
---|---|
Control access to repository item descriptors | Control who can create, add, remove, and query items defined by an item descriptor; similar to controlling access to a whole database table. |
Control access to individual repository items | Control who can read, write, destroy, and query a repository item; similar to controlling access to a single database row. |
Control access to properties of all repository items in a repository item descriptor | Control who can read or write a property in any repository item defined by an item descriptor; similar to controlling access to a database table column. A default ACL can be assigned to all items in the item descriptor that lack an explicit ACL. |
Control access to properties of an individual repository item | Control who can read or write a particular property in a repository item; similar to controlling the field of a database table row. An ACL that is assigned to a property overrides the ACL that is specified for that property in the item descriptor definition. |
Limit query results | Control who can receive repository items that are returned by a repository query. |
Set ownership of a repository item | At creation time, the current user is assigned as the owner of the new repository item. The owner can query a repository item and modify its ACL; otherwise this is simply an association of an identity to an Item. |
Automatically generate ACLs for new repository items | When a repository item is created, it is assigned an ACL that is constructed out of an ACL fragment and a template for the creator/owner (creator) and each group the owner belongs to. |
These features are configured according to the needs of your application. Some features require additional storage in the underlying repository, or can have a significant impact on performance (see Performance Considerations later in this chapter). Consequently, you should only enable those features that the application requires.
Access rights
Access to secured repositories is managed by building ACLs that associate certain access rights with certain identities—individual users, as well as groups, organizations, and roles that are associated with multiple users. The following table lists access rights that apply to the secured repository system.
Note: Not all access rights are available in all implementations or instances of a secured repository.
Action/targets | Access right |
---|---|
CREATE RepositoryItem | Create a repository item with an item descriptor. Note: Adding a new item to the repository also requires WRITE access to the same |
DELETE RepositoryItem | Remove items of this Note: Deleting an item also requires DESTROY access to that Item. |
DESTROY RepositoryItem | Remove the repository item from the repository and destroy its contents. Note: Most secured repositories also require DELETE access to the item’s |
LIST RepositoryItem | Query a repository item. LIST access is required in order for queries to return this repository item. An item’s owner implicitly has LIST access. |
READ RepositoryItemDescriptor | Enable read access to items of this |
READ_ACL | Inspect the ACL of a repository item. This access right is implicitly granted to the repository item’s owner. |
READ_OWNER | Inspect the owner of a repository item. |
WRITE | Enable addition of items of this Note: WRITE access to an item descriptor only enables addition of repository items; it does not allow updates to repository items. |
WRITE_ACL | Change the ACL of a repository item. This access right is implicitly granted to the repository item’s owner. |
WRITE_OWNER | Change the owner of a repository item. |
Note: Securing a repository does not provide complete security within an application: the unprotected repository that it overlays is still available within the Nucleus name space, so it remains available to developers. The ATG Control Center can be configured to hide unprotected repositories, and an application can choose not to use an unprotected repository, so as not to expose unprotected data to end users.
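The following added example is a small Python model of the checks described in the two tables above; it is not ATG code and does not use the ATG API. It shows the default ACL for items without an explicit ACL, the owner's implicit rights, the property-level override, the two-part delete check, and query filtering by LIST. All class and function names and the sample data are hypothetical, and two behaviors are assumptions of the model: DELETE is checked on the item descriptor, and a property with no ACL at either level falls back to the item's ACL.

```python
from dataclasses import dataclass, field
from typing import Optional

OWNER_IMPLICIT = {"LIST", "READ_ACL", "WRITE_ACL"}  # rights the tables grant to an owner

@dataclass
class Descriptor:
    acl: dict                      # identity -> rights on the descriptor (CREATE, DELETE, ...)
    default_item_acl: dict         # applies to items that lack an explicit ACL
    property_acls: dict = field(default_factory=dict)   # property name -> ACL

@dataclass
class Item:
    id: str
    owner: str
    acl: Optional[dict] = None     # None means "no explicit ACL"
    property_acls: dict = field(default_factory=dict)   # per-item property overrides

def granted(acl, identities, right):
    """True if any of the caller's identities (user, groups) holds the right."""
    return any(right in acl.get(i, ()) for i in identities)

def item_allows(desc, item, user, groups, right):
    if user == item.owner and right in OWNER_IMPLICIT:
        return True
    acl = item.acl if item.acl is not None else desc.default_item_acl
    return granted(acl, {user, *groups}, right)

def property_allows(desc, item, prop, user, groups, right):
    # An ACL on the item's property overrides the descriptor's ACL for that property.
    acl = item.property_acls.get(prop, desc.property_acls.get(prop))
    if acl is None:                # assumption: no property ACL -> item ACL decides
        return item_allows(desc, item, user, groups, right)
    return granted(acl, {user, *groups}, right)

def can_delete(desc, item, user, groups):
    # DELETE on the descriptor (assumed target) plus DESTROY on the item itself.
    return (granted(desc.acl, {user, *groups}, "DELETE")
            and item_allows(desc, item, user, groups, "DESTROY"))

def query(desc, items, user, groups):
    """Limit query results to items on which the caller has LIST."""
    return [i.id for i in items if item_allows(desc, i, user, groups, "LIST")]

# Constructed sample data (identities and properties are made up for the example).
DESC = Descriptor(acl={"editors": {"CREATE", "WRITE", "DELETE"}, "alice": {"DELETE"}},
                  default_item_acl={"staff": {"LIST", "READ"}},
                  property_acls={"salary": {"hr": {"READ", "WRITE"}}})
ITEMS = [Item("a", owner="alice"),
         Item("b", owner="bob", acl={"bob": {"READ", "DESTROY"}},
              property_acls={"salary": {"bob": {"READ"}}}),
         Item("c", owner="carol", acl={"editors": {"LIST", "READ", "DESTROY"}})]
```

In the sample data, alice owns item `a` and holds DELETE on the descriptor, yet `can_delete` refuses her because ownership does not imply DESTROY.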