About TEXTML Server permissions

TEXTML Server permissions control access to server components (servers and docbases) and to repository components (collections and documents).

Permissions are implemented by assigning roles and collection permissions to groups and users configured on your operating system. Authentication allows the TEXTML Server to identify the user and to determine the Windows or Linux groups to which this user belongs. After authenticating a user, the TEXTML Server retrieves the permissions assigned to this user based on the user name and groups.
Note: Authentication must be enabled, otherwise TEXTML Server permissions will not be applied. See the TEXTML Server Installation Guide for more information.

Server components permissions

Use the Administration Console to assign roles to Windows or Linux groups and users, as shown in the following table:
Table 1. Available roles per server component
Server component Available roles
Server
  • Server Administrator: Has all the permissions on the server and all of its docbases
  • Server User: Has some permissions on the server (connect to the server, read properties and statistics, etc.) and no permission on the server's docbases
  • Document Base Administrator: Has all the permissions on all the server's docbases
  • Document Base User: Has some permissions on all the server's docbases (read docbase properties, create and update own documents, etc.)
Docbase
  • Document Base Administrator: Has all the permissions on that docbase
  • Document Base User: Has some permissions on that docbase (read docbase properties, create and update own documents, etc.)
Permissions inheritance on server components
Permissions are inherited as follows on server components:
  • When you assign the Server Administrator role to a group or user, this group or user automatically inherits the permissions of the Server User, Document Base Administrator, and Document Base User roles. Docbase permissions for a group or user with the Server Administrator role cannot be modified on the docbase. To modify docbase permissions for a group or user with the Server Administrator role, you must remove this role from the group on the server.
  • Docbase permissions can be assigned on a server or a docbase. Docbase permissions assigned on a server are inherited by all the docbases on this server, but they can be modified on the docbase (with the exception of a group or user that is assigned the Server Administrator role, which always has all the permissions).

Repository components permissions

For the collections in the docbase, roles are not used. Instead, server or docbase administrators can assign the following document-specific permissions to users and groups:
  • Read: View all documents and permissions in the collection
  • Write: Copy, move, rename, delete, and create documents and collections
  • User Administration: Configure permissions

The root collection of a docbase is called a repository. Administrators can configure permissions for the repository and the collections.

Permissions inheritance on repositories and collections

By default, repository and collection permissions are inherited as follows:
  • Permissions assigned to a collection are automatically inherited by all the documents in this collection. Permissions cannot be modified per document.
  • Server Administrators and Document Base Administrators have Read, Write, and User Administration permissions on repositories, collections, and documents.
  • Server Users and Document Base Users have Read and Write permissions on repositories, collections, and documents.
However, these permissions can be modified. You can assign permissions on a repository and specify that they be automatically applied to all the collections inside the repository.

When you assign permissions for repositories and collection, these permissions become restrictive, meaning that all other inherited permissions assigned for this repository or collection are automatically removed.