Object store security levels
Explanation of object store security levels.
The table below maps object store security levels to the rights from which they are comprised. For example, the Use object store security level includes the rights Connect to store, Create new objects, Modify existing objects, and Delete objects. Access rights to an object store are limited to only that object store and do not extend to other object stores in the FileNet® P8 domain.
In Administration Console for Content Platform Engine, the object store's security page lists the users and groups that were added while running the object store wizard as follows:
- Users and groups added as users receive the Use object store level.
- Users and groups added as administrators get Full Control and are therefore object store administrators.
Each right in the table is expressed as a user interface (UI) description of the right and as an access right setting that corresponds to the UI description. For example, the right to connect to an object store could appear as Connect to store in an application UI, but the actual setting for connecting to an object store is the AccessRight.CONNECT value.
| Rights | Full Control | Use object store | View object store <Default> |
|---|---|---|---|
Connect to store AccessRight.CONNECT |
 |
|
|
Create new objects AccessRight.STORE_OBJECTS |
|
|
|
Modify existing objects AccessRight.MODIFY_OBJECTS |
|
|
|
Delete objects AccessRight.DELETE |
|
|
|
Set owner of any object AccessRight.WRITE_ANY_OWNER |
|
||
Read permissions AccessRight.READ_ACL |
|
||
Modify permissions AccessRight.WRITE_ACL |
|
||
Modify retention AccessRight.MODIFY_RETENTION |
|
||
Modify certain system properties AccessRight.PRIVILEDGED_WRITE |