Overview Table Reference Diagram Index
Database Documentation

Table LS_PERMISSION

The object permission table. Each domain or content object may have an access control list associated with it, in the form of one of more rows in this table. In the absence of an access control list, the content object inherits all permissions from its parent object. If no parent object exists to inherit from, the empty access list is inherited which allows no access for others than superusers.

Column Summary
ADMIN SMALLINT NOT NULL
      The admin permission flag.
CONTENT INTEGER NOT NULL
      The content object identifier.
DOMAIN VARCHAR(30) NOT NULL
      The name of the domain the content object belongs to.
GROUP VARCHAR(30) NOT NULL
      The name of the group to which this permission row applies.
PUBLISH SMALLINT NOT NULL
      The publish permission flag.
READ SMALLINT NOT NULL
      The read permission flag.
USER VARCHAR(30) NOT NULL
      The name of the user to which this permission row applies.
WRITE SMALLINT NOT NULL
      The write permission flag.

Index Summary
PRIMARY KEY (DOMAIN, CONTENT, USER, GROUP)
      The content permission is uniquely indexed by the domain, content identifier, user name, and group name.

Column Detail

DOMAIN

DOMAIN VARCHAR(30) NOT NULL
The name of the domain the content object belongs to.

Reference To:

LS_DOMAIN.NAME
LS_CONTENT.DOMAIN

CONTENT

CONTENT INTEGER NOT NULL
The content object identifier. The permissions are valid for all revisions of a content object. If this value is zero (0), the permission applies to the domain object itself.

Reference To:

LS_CONTENT.ID

USER

USER VARCHAR(30) NOT NULL
The name of the user to which this permission row applies. If set to an empty string, the user name is ignored and the group name is used. If the group name is also blank, the anonymous user is assigned the permissions. At least one of the user and group fields should be blank.

Reference To:

LS_USER.NAME

GROUP

GROUP VARCHAR(30) NOT NULL
The name of the group to which this permission row applies. If set to an empty string, the group name is ignored and the user name is used. If the user name is also blank, the anonymous user is assigned the permissions. At least one of the user and group fields should be blank.

Reference To:

LS_GROUP.NAME

READ

READ SMALLINT NOT NULL
The read permission flag. This flag is set to one (1) if the user or group has permission to read the content object.

WRITE

WRITE SMALLINT NOT NULL
The write permission flag. This flag is set to one (1) if the user or group has permission to edit the content object. Note, however, that the changes may not be published unless the user or group also has the publish permission.

PUBLISH

PUBLISH SMALLINT NOT NULL
The publish permission flag. This flag is set to one (1) if the user or group has permission to change the publish status of a content object. This implies the right to publish work revisions, unpublish revisions, or delete content objects.

ADMIN

ADMIN SMALLINT NOT NULL
The admin permission flag. This flag is set to one (1) if the user or group has permission to change the permissions of the content object.

Index Detail

PRIMARY KEY

PRIMARY KEY (DOMAIN, CONTENT, USER, GROUP)
The content permission is uniquely indexed by the domain, content identifier, user name, and group name.
Overview Table Reference Diagram Index
Database Documentation