Difference between revisions of "Acl"

From TUTOS

m
m
Line 1: Line 1:
 +
== Intro ==
 
TUTOS has a set of permissions for every object you use in the system. Internally this is called a ACL (AccessControlList).
 
TUTOS has a set of permissions for every object you use in the system. Internally this is called a ACL (AccessControlList).
  
Line 20: Line 21:
 
  1 = all teams of the creator can see it
 
  1 = all teams of the creator can see it
 
  2 = no default-acl, defaultgroups from db (set in user_new dialog)
 
  2 = no default-acl, defaultgroups from db (set in user_new dialog)
 +
 +
 +
== Display / Modify ==
 +
 +
Looking on a TUTOS object you will see a link that allows you to change (if allowed)
 +
[[Image:Acl_new.png|Change a objects permission]]
 +
or only see the current seeting.
 +
[[Image:Acl_show.png|See a objects permission]]

Revision as of 11:39, 26 March 2010

Intro

TUTOS has a set of permissions for every object you use in the system. Internally this is called a ACL (AccessControlList).

There are four different types of permissions.

  • See. You may see the object
  • Use. You can use the object. For example attach a note to the object.
  • Modify. You are allowed to change the contents of the object.
  • Delete. Yo can delete the object.

Higher permissions include all the lower permissions. Someone who has a delete permission is allowed to change the permissions and provide new rights to other users and teams.

The list of possible permission owners will only present:

  • users and teams that already have rights
  • their own teams and their members
  • users and teams where you have the "use" permission


New objects are created with some default permissions. The default permissions depend on the configuration parameter $tutos[defaultacl]

0 = everybody can see it
1 = all teams of the creator can see it
2 = no default-acl, defaultgroups from db (set in user_new dialog)


Display / Modify

Looking on a TUTOS object you will see a link that allows you to change (if allowed) Change a objects permission or only see the current seeting. See a objects permission