Programmer's Guide:
Using Permissions

In eRoom 7.0, there are three types of administrators:  site administrator, community administrator, and room coordinator. The site admin has access to the entire site - all communities and rooms - and can modify any item or member list. Community admins have access to the entire community they administer, but the site admin can limit how much the community admins can modify. Room coordinators have access to the entire room that they coordinate, but again their ability to modify members and groups can be limited. All of these characteristics can be adjusted through the IERUPermissionManager interface. A IERUPermissionManager interface is retrieved from the IERUCommunity interface, so the scope of any changes made applies only to that community.

Community Admin Permissions

Through the Permission Manager, you can determine whether community admins are allowed to do any of the following: create facilities, rename facilities, create directory connections, rebuild the full text index, define Documentum connections, add or remove guests, and change the room size limits. Each of these permissions has a corresponding property on the IERUPermissionManager. If you set any of these properties to true, it means anyone assigned the role of community admin will have this permission.

Setting Individual Permissions

You may want to grant certain individuals particular permissions, rather than grant them to a whole group of people. In this case, use the GrantPermission() method to give an individual user or group a particular permission. The options are listed by the ERUPermission enum. You can grant access to do the following:  be a community admin, create rooms, see the community member list, modify the community member list, create groups, and modify passwords. If you wish to remove a permission for user or group, then use the RevokePermission() method. There are also methods for checking whether a member has a particular permission (HasPermission) and for getting the collection of members who have been granted a particular permission (GetMembersForPermission).