Defining roles within a library

You can define the access of a user or group for a library to determine who has access to a library, and to define access to the different views within the authoring portlet.

You must have administrator access to edit Web content libraries.
Additive and subtractive methodology:

You can assign roles to both a whole library, and the item types within a library using either an additive or subtractive methodology.

For example, with an additive methodology, you apply the "All Authenticated Portal Users" to the "Contributor" role to the entire library. This grants "All Authenticated Portal Users" access to the library and any authoring portlets configured to use the library. You then apply Editor, Manager, or Administrator roles to specific resource types to grant additional access to specified users or groups.

With a subtractive methodology, you apply the Manager or Administrator role to a user or group to the entire library. You then apply Editor, Contributor, or User roles to specific item types and clear the inheritance check box. This reduces the access to different item types for specified users or groups.

We recommend that propagation from the Web content library is enabled because this simplifies administering library access and because disabling propagation results in access-related errors.

Assigning access permissions to a library and library item types:

  1. Open the administration portlet.
  2. Go to Portal Content and then Manage Web Content Libraries.
  3. Set your library access permissions:
    1. Click permissions on the library you would like to edit.
    2. Click edit on the role you would like to edit.
    3. Click Add and search for any users or groups you would like to assign to a role.
    4. Click OK.
    5. Click Resources to return to the previous view.
    6. Click Done.
  4. Set access permissions to the different library item types. This defines the views and actions that are available from within the authoring portlet:
    1. Click library resource on the library you would like to edit.
    2. Click edit on the role you would like to edit.
    3. Click Add and search for any users or groups you would like to assign to a role.
    4. Click OK.
    5. Click Resources to return to the previous view.
    6. Click Done.
Item-level security inheritance:

By default, each role's access is automatically inherited down to each item in a library. To prevent a user or group from automatically having inherited access to an item, you need to turn off inheritance on that item.

The permissions set for item types in a library do not automatically give you access to individual items. They only give you access to specific tasks and views within the authoring portlet.

To disable automatic inheritance you, specify the following property in the WCM WCMConfigService service using the IBM® WebSphere® Application Server administration console:
  • Property name: default.inherit.permissions.enabled
  • Value: false

You need to restart WebSphere Portal to enable any configuration changes.

Parent topic: Web content library management