Manage privileges in InterPlay

You use the PassPort interface to register users and one or more associated role (s). A role is made of a list of privileges. A privilege comprises a set of actions that are authorized on a resource when some conditions are fulfilled.

InterPlay resources are Object Types, Collection Types, Folders, Editors, Statuses and Administration actions. Before you can create privileges on them, you must have previously published the resources and their configuration in PassPort.

The resources are not statically defined once for all. If you create a new Collection Type that defines a Domain property, you may want to register permissions using this Domain property. For instance, a user group with Role1 will be authorized to access the collection from "domain1" while other groups will not.

If the authentication and access management with PassPort has been activated for the InterPlay instance, you can use PassPort user interface to define:

  • Users and group of users
  • Roles that define a list of privileges. A user or a group of users is associated to one or several roles.
  • Privileges that authorizes actions on resources when conditions are verified.

For instance, you may want to create a “Corrector” role that authorizes modifying the content of a Collection when the status of the collection is “To Correct”:

  • Role: Corrector
  • Resource: businessCollection
  • Action: UPDATE
  • Condition: LIFECYCLE_STATUS=”To Correct”

The user having the “Corrector” role inherits these privileges.

Related Links