Platform Explorer / Nuxeo Platform LTS 2017 9.10

Contribution org.nuxeo.ecm.core.security.defaultPermissions--permissions

This contribution is part of XML component org.nuxeo.ecm.core.security.defaultPermissions inside nuxeo-core-9.10.jar /OSGI-INF/permissions-contrib.xml

Extension Point

Extension point permissions of component SecurityService.

Contributed Items

  • <permission name="Browse"/>
  • <permission name="ReadProperties">
          <include>Browse</include>
        </permission>
  • <permission name="ReadChildren"/>
  • <permission name="ReadLifeCycle"/>
  • <permission name="ReviewParticipant"/>
  • <permission name="ReadSecurity"/>
  • <permission name="WriteProperties"/>
  • <permission name="ReadVersion"/>
  • <permission name="WriteVersion">
           <include>WriteProperties</include>
        </permission>
  • <permission name="Version">
           <include>ReadVersion</include>
           <include>WriteVersion</include>
        </permission>
  • <permission name="Read">
          <include>Browse</include>
          <include>ReadVersion</include>
          <include>ReadProperties</include>
          <include>ReadChildren</include>
          <include>ReadLifeCycle</include>
          <include>ReadSecurity</include>
          <include>ReviewParticipant</include>
        </permission>
  • <permission name="AddChildren"/>
  • <permission name="RemoveChildren"/>
  • <permission name="Remove"/>
  • <permission name="ManageWorkflows"/>
  • <permission name="WriteLifeCycle"/>
  • <permission name="Unlock"/>
  • <permission name="Remove">
          <include>RemoveChildren</include>
          <!-- NXP-10929: necessary to follow the "delete" transition when Trash is enabled -->
          <include>WriteLifeCycle</include>
        </permission>
  • <permission name="ReadRemove">
          <include>Read</include>
          <include>Remove</include>
        </permission>
  • <permission name="Write">
          <include>AddChildren</include>
          <include>WriteProperties</include>
          <include>Remove</include>
          <include>ManageWorkflows</include>
          <include>WriteLifeCycle</include>
          <include>WriteVersion</include>
        </permission>
  • <permission name="ReadWrite">
          <include>Read</include>
          <include>Write</include>
        </permission>
  • <permission name="WriteSecurity"/>
  • <permission name="Everything"/>
  • <permission name="RestrictedRead"/>

XML Source

<extension point="permissions" target="org.nuxeo.ecm.core.security.SecurityService">

    <permission name="Browse"/>
    <permission name="ReadProperties">
      <include>Browse</include>
    </permission>
    <permission name="ReadChildren"/>
    <permission name="ReadLifeCycle"/>
    <permission name="ReviewParticipant"/>
    <permission name="ReadSecurity"/>

    <permission name="WriteProperties"/>
    <permission name="ReadVersion"/>

    <permission name="WriteVersion">
       <include>WriteProperties</include>
    </permission>

    <permission name="Version">
       <include>ReadVersion</include>
       <include>WriteVersion</include>
    </permission>

    <permission name="Read">
      <include>Browse</include>
      <include>ReadVersion</include>
      <include>ReadProperties</include>
      <include>ReadChildren</include>
      <include>ReadLifeCycle</include>
      <include>ReadSecurity</include>
      <include>ReviewParticipant</include>
    </permission>

    <permission name="AddChildren"/>
    <permission name="RemoveChildren"/>
    <permission name="Remove"/>
    <permission name="ManageWorkflows"/>
    <permission name="WriteLifeCycle"/>
    <permission name="Unlock"/>

    <permission name="Remove">
      <include>RemoveChildren</include>
      <!-- NXP-10929: necessary to follow the "delete" transition when Trash is enabled -->
      <include>WriteLifeCycle</include>
    </permission>

    <permission name="ReadRemove">
      <include>Read</include>
      <include>Remove</include>
    </permission>

    <permission name="Write">
      <include>AddChildren</include>
      <include>WriteProperties</include>
      <include>Remove</include>
      <include>ManageWorkflows</include>
      <include>WriteLifeCycle</include>
      <include>WriteVersion</include>
    </permission>

    <permission name="ReadWrite">
      <include>Read</include>
      <include>Write</include>
    </permission>

    <permission name="WriteSecurity"/>

    <!-- special permission given to administrators: god-level access -->
    <permission name="Everything"/>

    <!-- deprecated - was used only for a single customer
      project before pluggable permission definitions -->
    <permission name="RestrictedRead"/>

  </extension>