| 1 |
<?xml version="1.0"?> |
|---|
| 2 |
<component name="org.nuxeo.ecm.core.security.defaultPermissions"> |
|---|
| 3 |
<documentation> |
|---|
| 4 |
Default permissions (atomic and compound) used by the core. If you |
|---|
| 5 |
edit this file, please update the specification file: |
|---|
| 6 |
org.nuxeo.ecm.core/nuxeo-core/doc/NXCore-Security.txt |
|---|
| 7 |
|
|---|
| 8 |
@author <a href="mailto:og@nuxeo.com">Olivier Grisel</a> |
|---|
| 9 |
</documentation> |
|---|
| 10 |
|
|---|
| 11 |
<extension target="org.nuxeo.ecm.core.security.SecurityService" |
|---|
| 12 |
point="permissions"> |
|---|
| 13 |
|
|---|
| 14 |
<permission name="Browse" /> |
|---|
| 15 |
<permission name="ReadProperties"> |
|---|
| 16 |
<include>Browse</include> |
|---|
| 17 |
</permission> |
|---|
| 18 |
<permission name="ReadChildren" /> |
|---|
| 19 |
<permission name="ReadLifeCycle" /> |
|---|
| 20 |
<permission name="ReviewParticipant" /> |
|---|
| 21 |
<permission name="ReadSecurity" /> |
|---|
| 22 |
|
|---|
| 23 |
<permission name="Version" /> |
|---|
| 24 |
<permission name="ReadVersion"> |
|---|
| 25 |
<alias>Version</alias><!-- BBB deprecated old name --> |
|---|
| 26 |
</permission> |
|---|
| 27 |
|
|---|
| 28 |
<permission name="Read"> |
|---|
| 29 |
<include>Browse</include> |
|---|
| 30 |
<include>ReadVersion</include> |
|---|
| 31 |
<include>ReadProperties</include> |
|---|
| 32 |
<include>ReadChildren</include> |
|---|
| 33 |
<include>ReadLifeCycle</include> |
|---|
| 34 |
<include>ReadSecurity</include> |
|---|
| 35 |
<include>ReviewParticipant</include> |
|---|
| 36 |
<include>Version</include><!-- use ReadVersion instead once alias works --> |
|---|
| 37 |
</permission> |
|---|
| 38 |
|
|---|
| 39 |
<permission name="AddChildren" /> |
|---|
| 40 |
<permission name="RemoveChildren" /> |
|---|
| 41 |
<permission name="WriteProperties" /> |
|---|
| 42 |
<permission name="Remove" /> |
|---|
| 43 |
<permission name="ManageWorkflows" /> |
|---|
| 44 |
<permission name="WriteLifeCycle" /> |
|---|
| 45 |
|
|---|
| 46 |
<permission name="Remove"> |
|---|
| 47 |
<include>RemoveChildren</include> |
|---|
| 48 |
</permission> |
|---|
| 49 |
|
|---|
| 50 |
<permission name="ReadRemove"> |
|---|
| 51 |
<include>Read</include> |
|---|
| 52 |
<include>Remove</include> |
|---|
| 53 |
</permission> |
|---|
| 54 |
|
|---|
| 55 |
<permission name="Write"> |
|---|
| 56 |
<include>AddChildren</include> |
|---|
| 57 |
<include>WriteProperties</include> |
|---|
| 58 |
<include>Remove</include> |
|---|
| 59 |
<include>ManageWorkflows</include> |
|---|
| 60 |
<include>WriteLifeCycle</include> |
|---|
| 61 |
</permission> |
|---|
| 62 |
|
|---|
| 63 |
<permission name="ReadWrite"> |
|---|
| 64 |
<include>Read</include> |
|---|
| 65 |
<include>Write</include> |
|---|
| 66 |
</permission> |
|---|
| 67 |
|
|---|
| 68 |
<permission name="WriteSecurity" /> |
|---|
| 69 |
|
|---|
| 70 |
<!-- special permission given to administrators: god-level access --> |
|---|
| 71 |
<permission name="Everything" /> |
|---|
| 72 |
|
|---|
| 73 |
<!-- deprecated - was used only for a single customer |
|---|
| 74 |
project before pluggable permission definitions --> |
|---|
| 75 |
<permission name="RestrictedRead" /> |
|---|
| 76 |
|
|---|
| 77 |
</extension> |
|---|
| 78 |
|
|---|
| 79 |
<extension target="org.nuxeo.ecm.core.security.SecurityService" |
|---|
| 80 |
point="permissionsVisibility"> |
|---|
| 81 |
|
|---|
| 82 |
<visibility> |
|---|
| 83 |
<item show="true" order="10">Read</item> |
|---|
| 84 |
<item show="true" order="50">ReadWrite</item> |
|---|
| 85 |
<item show="true" order="60">ReadRemove</item> |
|---|
| 86 |
<item show="true" order="100">Everything</item> |
|---|
| 87 |
</visibility> |
|---|
| 88 |
|
|---|
| 89 |
</extension> |
|---|
| 90 |
</component> |
|---|
