I have some confusion Regarding ACL entries in Web application environment.
Consider I have one web-application, and ANNONYMOUS access level is say ‘Manager’.
Maximum Internet name and password set to ‘Editor’.
Also same time I have selected DEFAULT ‘No Access’.
Then my questions are,
What will be the effective access for the users who are in the ACL?(I mean Individually added to the ACL)
What will be the effective access for the users who are not in the ACL?
In both the questions user is accessing db through web.
Also one more question, if a person has a Editor access to the database we have to restrict that person from editing some of the documents , but same time he has to view all the documents. How can we achive this?
I hope questions are clear. If not just ask me. Thanks in Advance.
Logged-in users who are listed in the ACL will have the access they are granted in the ACL up to the level of Editor (the max you have set for internet access). Anonymous users (users who are not logged in) will have Editor access. Logged-in users who are NOT listed in the ACL will have no access.
Don’t give Editor access to users who shouldn’t be able to edit all documents. Give them Author access and use Authors-type fields to control edit permissions.
As long a user is not autheticated the user will have editor access (According to the anonymous level in combination with the maximum Internet name and password setting in the ACL)
When a user authenticate he/she will get the access level set according to the ACL. If not named explicitly or via a group he/she will get Default level access. If that is higher than ‘maximum Internet name and password’ he/she will drop to the value of this setting.
For the second question you have to use Reader and Author fields on the document. But when a person is editor the author fields are not used. This fields are only used when access level is Author.
Reader fields are always used so when a person is not a reader of the docuemnt he can’t get edit it also.