You can override the default site permissions for
any content you add to the document library. This lets you control what site members
can see and do with your content.
Each user has an
assigned role in the site - Manager, Collaborator, Contributor, or Consumer - and
each role has a default set of permissions. This controls the actions site members
can perform in the site.
Note: In
Content Services 6.2.2 and above changing permissions on a node with no explicit
permissions (i.e. all permissions are inherited from a parent) has a time limit for
the ACL propagation on children. This is needed for large node-trees where changes
cannot be performed synchronously in one transaction due to resource limitations. In
these cases the updates to the nodes will be scheduled for asynchronous processing
which will be used for all changes that could not be completed within the set time
limit. The limit can be configured by changing the
system.fixedACLs.maxTransactionTime property in the
\tomcat\shared\classes\alfresco-global.properties file. The
processing is handled by the fixedACLsUpdater job which can be
scheduled to run by changing a CRON expression in the property:
system.fixedACLsUpdater.cronExpression.
The Manage Permissions feature
goes beyond the site permissions. It lets you override a user’s site role for a
particular content item or folder. This means you can give a site member either more
or less access to specific content compared to what they can do with other content
in the library.
This can be really useful to hide and restrict content to only
a set group of site members.
Note: Remember to keep your
content secure. If you give someone access to a file or folder then they’ll see the
breadcrumb path to it, even when they don’t have access to it’s parent
folder.
Note: Don’t give permissions to users who aren’t a member
of the site, as this can cause problems with the document library.