Portal Express, Version 6.0
Operating systems: i5/OS, Linux, Windows
Use item type roles within a library
You define the role of a user or group for each item type used within a library. The roles determine the default library access of a user or group, as well as defining different access to individual tasks and views within the authoring portlet.
Roles used by IBM Workplace Web Content Management
| Roles | Permissions per item type |
|---|---|
| User | Users and groups assigned to this role can view items in a Web site or rendering portlet that they have been assigned read access to.
The simplest way to assign users to this role is to select any of the default user groups such as "All Authenticated Portal Users" or "Anonymous Portal User". Users will still require "read" access to an item before it will be rendered in a Web site or rendering portlet. A User cannot access the authoring portlet. They can only view rendered content. |
| Contributor |
This role is the minimum access required to access the authoring portlet. |
| Editor |
|
| Manager |
|
| Administrator |
|
|
Security Administrator
Delegator Privileged User | These roles have no access to Web Content Management items. |
The difference between Manager and Administrator roles within Web Content Management
Although Manager and Administrator roles have the similar permissions per item type, if you assign an Administrator role to an entire library, you cannot then remove this role from any item type views. This is not true for a Manager role.
IBM® WebSphere® Portal Express Administrators
WebSphere Portal Express Administrators automatically have Administrator access to all item-types.
Assign roles to anonymous or authenticated users
When accessing a Web Content Management Web Site or Rendering Portlet, users login as either anonymous users, or authenticated portal users.
The following pre-defined groups can be assigned roles in a library.
| Anonymous portal user | Select this user to assign a role to anonymous users. |
| All Authenticated Portal Users | Select this group to assign a role to users that have been authenticated by Member Manager. |
| Users and User Groups | Select this group to assign a role to all users and groups. |
| All Portal User Groups | Select this group to assign a role to all groups. |
Additive and subtractive methodology
You can assign roles to both a whole library, and the item types within a library using either an additive or subtractive methodology.
For example, with an additive methodology, you apply the "All Authenticated Portal Users" to the "Contributor" role to the entire library and deselect the propagation check-box. This will give "All Authenticated Portal Users" access to the library and any authoring portlets configured to use the library. You then apply Contributor, Editor, Manager or Administrator roles to specific resource types to grant additional access to specified users or groups.
With a subtractive methodology, you apply the Manager or Administrator role to a user or group to the entire library. You then apply Editor, Contributor or User roles to specific item types and deselect the inheritance check-box. This reduces the access to different item types for specified users or groups.
Item-level security
Assigning a user or group to a role does not automatically give them access to individual items. They only grant access to specific tasks and views within the authoring portlet.
For example, although the "Editor" role grants access to create new presentation templates, only the user who created the presentation template has access to edit the presentation template. You will need to grant additional users or groups edit access on each presentation template for those users or groups to have edit access to all presentation templates.
See Item security for further information.
Parent topic:
Working with libraries