Global Permissions

By granting users global permissions, the users are given authorizations which do not relate to working with individual files, but to administrative activities. A user who, for example, has user administration permission may create, edit or delete logins. Specifically, the following global permissions can be granted:

  • Administraton (permissionGlobalRoot): Users to whom this permission has been granted possess all authorizations. An administrator is also referred to as a superuser . This permission is always required if no other permission is sufficient for performing an action (such as creating or editing jobs).
  • Edit users and groups (permissionGlobalUserEdit): Create, edit or delete login names and user groups; grant permissions
  • Edit User Fields (permissionGlobalUserAttributeEdit): Create, edit or delete user fields
  • Edit global settings (permissionGlobalRTCEdit): Create, edit or delete file formats, fields, channels, and workflows.
  • Perform an export (permissionGlobalExport): Execute commands with which folders can be exported.
  • Creating mirror files (permissionGlobalMirrorHandling): This permission is required for creating mirror files. Additionally, the file-specific restrictions apply, meaning that the user requires the permissionCreateChildren permission for the folder concerned.

In addition to the permissions mentioned, additional global permissions, such as e. g. permissions for the use of formats, can be freely defined in the globalPermissions entry in the userManagement.xml configuration file of the Content Management Server: In each format definition, one of the predefined or additional permissions can be specified so that a user can only create files based on that format if he or she has this global permission.