Add/Edit Access Permissions dialog box

This dialog box allows you to enter user (or group) name and to grant access permissions to this user (or group).

Option Description
Grantee name Enter the name of the permission grantee, that is, user or group in the form suitable for the Authentication Provider configured for the FileNet P8 Content Engine domain. For example, when a directory service - based provider (like Active Directory) is in use, then user or group should be specified by its short (login) name (for example: fnuser) or by its principal (qualified) name (for example: FileNetUser@myDomain.com).

Additionally, two predefined grantees can be used: #CREATOR-OWNER user and #AUTHENTICATED-USERS group.

You can enter the name of a permission grantee manually or click the button to open the Select User dialog box that allows selection of a user or group.

Access type Select one of two access types: Allow or Deny. The access types may be selected from the drop down list or entered manually. If an RRT is used in this text box, this RRT should be replaced with one of the internal names: "ALLOW" or "DENY". The Deny type takes precedence over the Allow type.
Access level Enter the bitmask value of access rights granted (or denied, if access type is Deny) to the grantee. Bitmask value is an integer number, which can be entered in decimal or hexadecimal form; for example, 0xf0081. Alternatively, you can select from the list of predefined access levels suitable for the Document class:
  • Full control
  • Minor versioning
  • Major versioning
  • Modify properties
  • View properties
  • Publish
  • View

You can also click the button to open the Access Flags dialog box which allows selection of the custom bitmask.

The following table lists these levels and respective bitmask values:

Display name Internal name Bitmask value
Full control FULL CONTROL DOCUMENT 0xf3dd7
Minor versioning MINOR VERSION DOCUMENT 0x205f3
Major versioning MAJOR VERSION DOCUMENT 0x205f7
Modify properties WRITE DOCUMENT 0x205b3
View properties READ 0x20001
Publish PUBLISH 0x208b1
View VIEW 0x20081

Internal names are given based on the FileNet P8 API names.

When you enter an external name, the component stores the internal name in the configuration.  Therefore, if an RRT of another component is used in this combo box, this RRT should be replaced with the internal name of desired access level.  Alternatively it can be replaced with an integer (decimal or hexadecimal) representing the desired bitmask.

A bitmask is composed from the individual access rights.