Access classes

Build 1501 on 14/Nov/2017  This topic last edited on: 4/Nov/2014, at 17:46

Access classes increase the flexibility of the GN4 security model, allowing you to grant or deny permissions on four levels of a content, e.g. in an object stored in a folder you can set - if you want - different permissions on editing text, metadata, referenced items (images) and so on, or granting someone to edit image's metadata, but not the image itself.

Technically speaking an individual permission for each access class allows to grant or deny access to different attributes of an object.

There are four access classes:

Normal

Protected

Special

Content

Access classes for attributes are defined in schema. Search for gs:accessclass in all schemas in C:\tera\GN4\config\Schemas or C:\tera\GN4\main\config\Schemas, and the found lines will look like this one below:

<xs:attribute name="textOverN" type="xs:int" use="optional" default="0" gs:access="Content">

The above means that, to edit the value of the attribute textOverN, an user needs to have granted the Content access class.

The object type access class definition is part of the object type description and by default it is ‘normal’. A different class can be assigned to any object type when defining the database structure.

The access class of an object type is used to restrict the place-in/send-to permissions for objects of the type.  In this example, the object type ‘testSpecial’ is defined with and access type of ‘special’.

<xs:element name="testSpecial">

  <xs:complexType gs:access="special">

    <xs:complexContent>

      <xs:extension base="object">

        <xs:attribute

          name="location"

          type="xs:string"/>

      </xs:extension>

    </xs:complexContent>

  </xs:complexType>

</xs:element>

 

Note that the access class is NOT inherited from the base object.

Find below the list of objects and attributes in Protected, Special and Content access classes.

Click to toggle expandProtected

GN4Archive.xsd

libelTags

scopeRef

GN4Base.xsd

disabled

expirationRuleRef

groups

namedLogin

partitionRef

path

quotaRef

scopeRef

urlAccess

versioningRuleRef

GN4Editorial.xsd

justScopeRef

scopeRef

titleRef

GNPortal.xsd

scopeRef
Click to toggle expandSpecial

GN4Archive.xsd

archives

GN4Base.xsd

password

question

ownQuestion

answer

preObjs

inUseUserRef

inUseIP

inUseLogins

lastReadTime

lastPollingTime

GN4Editorial.xsd

assigns

jumps

printers

thumbnail

variants

Tark4Include.xsd

crops

rotation
Click to toggle expandContent

GN4Archive.xsd

size

GN4Base.xsd

fromPreObjs

objs

variants

GN4Editorial.xsd

articles

bottomM  

clipPath

colorUsage

colW  

content

contextRef

counted

data

formCode

height

high

imgs

interCol  

interMod  

justified

layers

leftM  

localTxts

lockLevel

low

lowColorUsage

modH  

nChars

nLines

nNoFitParas

nParas

nWords

overfullLines

overH  

pages

pixHeight

pixWidth

preview

rightM  

size

textH  

textOverN

thumbnail

topM  

tText

twoSides

variants

width

GNPortal.xsd

audioPreview

channel

creatorTool

data

dataRate

duration

formatVersion

frameRate

height

pixHeight

pixWidth

preview

resolutionX  

resolutionY  

richText

sampleRate  

size  

thumbnai

track

width

words

Tark4Include.xsd

colorUsage

data

duration

frameRate

height  

image

pixHeight

pixWidth

preview

sampleRate

Thumbnail

width  

xmlText

See also

Defining attribute access class