Creating document access profiles and note access profiles
Access to document types is controlled by adding a document access profile section to security-config.xml. You must have a document access profile for each document security type you want to place under document access control. The same is true for notes.
Each document access profile has the following syntax, where type specifies a document or note security type, and perm is a system permission:
<DocumentPermissions>
<DocumentAccessProfile securitylevel="type"> <!-- define for each security type -->
<DocumentViewPermission permission="perm"/> <!-- allow this permission to view-->
<DocumentEditPermission permission="perm"/> <!-- allow this permission to edit-->
<DocumentDeletePermission permission="perm"/> <!-- allow this permission to delete-->
</DocumentAccessProfile>
</DocumentPermissions>
...
<NotePermissions>
<NoteAccessProfile securitylevel="type"> <!-- define for each security type -->
<NoteViewPermission permission="perm"/> <!-- allow this permission to view-->
<NoteEditPermission permission="perm"/> <!-- allow this permission to edit-->
<NotetDeletePermission permission="perm"/> <!-- allow this permission to delete-->
</NoteAccessProfile>
</NotePermissions>In the default configuration, PolicyCenter provides the following document permissions:
<DocumentPermissions>
<DocumentAccessProfile securitylevel="unrestricted"/>
<DocumentAccessProfile securitylevel="internalonly">
<DocumentViewPermission permission="viewintdoc"/>
<DocumentEditPermission permission="editintdoc"/>
<DocumentDeletePermission permission="delintdoc"/>
</DocumentAccessProfile>
<DocumentAccessProfile securitylevel="sensitive">
<DocumentViewPermission permission="viewsensdoc"/>
<DocumentEditPermission permission="editsensdoc"/>
<DocumentDeletePermission permission="delsensdoc"/>
/DocumentAccessProfile>
</DocumentPermissions>There is a similar set of permissions
for notes in the NotePermissions
element.