HyperContent v1.4 manual Overview Getting Started Using the Content Manager Authoring Content Developing Sites Project Definition Files Filesystems Path patterns Content Types XML Content RDF: Extensible Metadata Dublin Core Metadata VCard Metadata XML Includes XSL Transformations Filters Non-XML Content Editors Ignored Directories Permissions Navigation and Site Maps Optimizations Glossary Bibliography Permissions in HyperContent provide control over the basics of authorization, such as controlling read and write access to directories and files. Permissions are associated with users or groups of users. The frameworks and GUI tools used to manage groups and permissions are part of the uPortal framework. The uPortal site has some documentation available to help understand these tools: uPortal Groups Service developer's guide uPortal permissions design uPortal Composite Group service documentation uPortal Groups Manager Channel user's guide This manual also contains a chapter on setting permissions in the Content Manager. There are seven activities in HyperContent which can be authorized: Read: view the target repository path and preview its output Write: edit content and save changes Create: create new directories and files Delete: delete directories and files Grant Permissions: grant permissions on directories and files Build: build files Publish: publish files Here are some useful things to keep in mind with regard to permissions in HyperContent: When you first install HyperContent, or when you create a new project, you have to configure permissions as a Portal Administrator (super-user), before any regular users can have access. New projects can only be created by users with permission to create files in the "HyperContent Project Definitions" project. Users are only allowed to open a project if they have read permission on the root directory of that project's repository. Permissions apply recursively from directories to their subdirectories, but a DENY permission on a subdirectory overrides a GRANT permission on its parent. Thus you can DENY read access to particular directories in order to hide them from some users. Permissions are inherited recursively by the members of a group and its subgroups, but a permission given to a subgroup overrides a permission on its parent group for users who are members of the subgroup. Thus you can DENY read access on a folder to your project group, but GRANT read access to a subgroup of project administrators. While HyperContent does not have formal workflow, you can grant content authors the ability to BUILD but not PUBLISH their changes, so that they must request publication from an administrator.