Programmer's Guide:
Using Permissions
In eRoom 7.0, there are three types of administrators: site administrator,
community administrator, and room coordinator. The site admin has access
to the entire site - all communities and rooms - and can modify any item
or member list. Community admins have access to the entire community they
administer, but the site admin can limit how much the community admins
can modify. Room coordinators have access to the entire room that they
coordinate, but again their ability to modify members and groups can be
limited. All of these characteristics can be adjusted through the IERUPermissionManager
interface. A IERUPermissionManager interface is retrieved from the IERUCommunity interface, so the scope
of any changes made applies only to that community.
Community Admin Permissions
Through the Permission Manager, you can determine whether community
admins are allowed to do any of the following: create facilities, rename
facilities, create directory connections, rebuild the full text index,
define Documentum connections, add or remove guests, and change the room
size limits. Each of these permissions has a corresponding property on
the IERUPermissionManager. If you set any of these properties to true,
it means anyone assigned the role of community admin will have this permission.
Setting Individual Permissions
You may want to grant certain individuals particular permissions, rather
than grant them to a whole group of people. In this case, use the GrantPermission()
method to give an individual user or group a particular permission. The
options are listed by the ERUPermission
enum. You can grant access to do the following: be a community admin,
create rooms, see the community member list, modify the community member
list, create groups, and modify passwords. If you wish to remove a permission
for user or group, then use the RevokePermission()
method. There are also methods for checking whether a member has a particular
permission (HasPermission) and
for getting the collection of members who have been granted a particular
permission (GetMembersForPermission). |
|