• Document Up to Date

Global Permission Mappings Config

The global permission mappings configuration file lets you configure the permissions to a role globally for the entire application

Permissions per site are managed within Crafter Studio’s UI. See Permission Mappings for more information on site permissions.

Here’s the default global permissions configuration. It contains the permissions mappings for the roles defined in the global role mappings configuration file. To access the file, using your favorite editor, navigate to CRAFTER_HOME/data/repos/global/configuration/ then open the file global-permission-mappings-config.xml. Remember to restart Crafter so your changes to the file will take effect.

CRAFTER_HOME/data/repos/global/configuration/global-permission-mappings-config.xml
 1<!--
 2   This file contains global permissions configuration for Crafter Studio. Permissions per site are managed
 3   within Crafter Studio's UI.
 4
 5   The structure of this file is:
 6   <permissions>
 7     <site id="###GLOBAL###"> (global management)
 8       <role name="">
 9         <rule regex="/.*">
10           <allowed-permissions>
11             <permission>Read</permission>
12             <permission>Write</permission>
13             <permission>Delete</permission>
14             <permission>Create Folder</permission>
15             <permission>Publish</permission>
16           </allowed-permissions>
17         </rule>
18       </role>
19     </site>
20   </permissions>
21
22   This binds a set of permissions to a role globally for the entire application.
23 -->
24
25<permissions>
26  <role name="system_admin">
27    <rule regex="/.*">
28      <allowed-permissions>
29        <permission>Read</permission>
30        <permission>Write</permission>
31        <permission>Delete</permission>
32        <permission>Create Folder</permission>
33        <permission>Publish</permission>
34        <permission>create-site</permission>
35        <permission>read_groups</permission>
36        <permission>create_groups</permission>
37        <permission>update_groups</permission>
38        <permission>delete_groups</permission>
39        <permission>read_users</permission>
40        <permission>create_users</permission>
41        <permission>update_users</permission>
42        <permission>delete_users</permission>
43        <permission>read_cluster</permission>
44        <permission>create_cluster</permission>
45        <permission>update_cluster</permission>
46        <permission>delete_cluster</permission>
47        <permission>audit_log</permission>
48        <permission>read_logs</permission>
49        <permission>list_cmis</permission>
50        <permission>search_cmis</permission>
51        <permission>clone_content_cmis</permission>
52        <permission>upload_content_cmis</permission>
53        <permission>add_remote</permission>
54        <permission>list_remotes</permission>
55        <permission>pull_from_remote</permission>
56        <permission>push_to_remote</permission>
57        <permission>rebuild_database</permission>
58        <permission>remove_remote</permission>
59        <permission>S3 Read</permission>
60        <permission>S3 Write</permission>
61        <permission>delete_content</permission>
62        <permission>webdav_read</permission>
63        <permission>webdav_write</permission>
64        <permission>write_configuration</permission>
65        <permission>write_global_configuration</permission>
66        <permission>encryption_tool</permission>
67       </allowed-permissions>
68     </rule>
69   </role>
70 </permissions>

Description

List of available permissions

Permission

Description

add_remote

User is permitted to add a remote repository

audit_log

User is permitted to access the Audit from the Main Menu for viewing all the audit logs

cancel_failed_pull

User is permitted to cancel a failed pull from a repository

cancel_publish

User is permitted to cancel a publish request

Change Content Type

User is permitted to change content type

clone_content_cmis

User is permitted to clone content from a CMIS repository

commit_resolution

User is permitted to commit resolution

Create Content

User is permitted to create new content

Create Folder

User is permitted to create new folder

create_cluster

User is permitted to access the Cluster from the Main Menu for managing clusters

create_groups

User is permitted to access the Groups from the Main Menu for managing groups

create_users

User is permitted to access the Users from the Main Menu for managing users

create-site

User is permitted to access the Sites from the Main Menu for managing sites

Delete

User is permitted to delete content

delete_cluster

User is permitted to delete a member of the cluster

delete_content

User is permitted to delete content using API v2

delete_groups

User is permitted to delete a group

delete_users

User is permitted to delete a user

encryption_tool

User is permitted to access the Encryption Tool from the Main Menu to encrypt a text value

get_publishing_queue

User is permitted to get the list of packages in the publishing queue

list_cmis

User is permitted to list files and folders in a CMIS repository with an optional range for pagination

list_remotes

User is permitted to list remote repositories for a site

Publish

User is permitted to approve submitted content for publishing or publish content

pull_from_remote

User is permitted to pull content from remote repository to site content repository

push_to_remote

User is permitted to push content to remote repository from site content repository

Read

User is permitted to read content

read_cluster

User is permitted to read all the members of the cluster

read_groups

User is permitted to get all groups

read_logs

User is permitted to access the Logging Levels and Log Console tools from the Main Menu

read_users

User is permitted to get all users

rebuild_database

User is permitted to rebuild Crafter Studio’s database and object state with the underlying repository

remove_remote

User is permitted to remove remote repository from site content repository

resolve_conflict

User is permitted to resolve a conflict for a file by accepting ours or theirs

S3 Read

User is permitted to get a list of items from an S3 bucket

S3 Write

User is permitted to upload a file to an S3 bucket

search_cmis

User is permitted to search files and folders in a CMIS repository with an optional range for pagination

site_diff_conflicted_file

User is permitted to get the difference between ours and theirs for a conflicted file for a site

site_status

User is permitted to get status of repository for a site

update_cluster

User is permitted to update the cluster

update_groups

User is permitted to update groups

update_users

User is permitted to update user

upload_content_cmis

User is permitted to upload an asset file to CMIS repository

webdav_read

User is permitted to get a list of items from a WebDAV server

webdav_write

User is permitted to upload a file to a WebDAV server

Write

User is permitted to user is permitted to edit content

write_configuration

User is permitted to write configuration content for site

write_global_configuration

User is permitted access to the Global Config tool from the Main Menu