2.3 Controlling User Access throughout the Vibe Site

By assigning users to access control roles for the Novell Vibe site, you can give users additional rights, or restrict current rights.

2.3.1 Understanding Default Roles

By default, you can assign users to various roles in workspaces and folders, as well as in entries.

Understanding Default Workspace and Folder Roles

Role

Description

Participant

Can create entries and modify those entries, plus perform tasks associated with the Visitor role.

Allow Adding Guest Access

Can make Vibe workspaces and folders available to Guest users in Vibe.

By default, Guest users can access only the Guest user personal workspace, as well as any workspace or folder that the Vibe administrator has granted them rights to access.

For more information, see Section 5.4.4, Enabling Individual Users to Grant Guest Access throughout the Vibe Site.

Can Only See Members Of Groups I Am In

Removes a user’s ability to view other Vibe users who are not members of a group that he or she belongs to.

Guest Participant

Can read entries, create entries, and add comments.

Override “Can Only See Members Of Groups I Am In”

Overrides the Can Only See Members Of Groups I Am In role. This can simplify the administration of the Can Only See Members Of Groups I Am In role.

For example, you might assign the Can Only See Members Of Groups I Am In role to a group, but at the same time you want to allow certain members of the group to retain their ability to see users that belong to groups outside of their own. In this circumstance, you can assign the Override “Can Only See Members Of Groups I Am In” role to the members who you want to retain their ability to see users outside of their own groups.

Team Member

Has all the rights of a Participant. In addition, can generate reports and manage community tags.

Token Requester

Can make Web service calls on behalf of another Vibe user.

This functionality can enable administrators to perform proxy functions for individual Vibe users without logging in as the Vibe user. This means that the Web services application does not cache individual users’ credentials in order to perform operations.

This role should not be assigned to a Vibe user, but rather to a system-level (agent) account that you want to be responsible for executing Web service operations on behalf of one or more regular Vibe users.

For more information about the Web services operations that support the Token Requester role, see admin_getApplicationScopedToken and admin_destroyApplicationScopedToken in the Novell Vibe 3.2 Developer Guide.

Visitor

Has read-only and comment-only access.

Workspace and Folder Administrator

Can create, modify, or delete workspaces or folders; moderate participation (modify or delete the entries of others); design entries and workflows; set entry-level access controls on entries of others; and can perform tasks associated with the Participant and Team Member role.

Workspace Creator

Can create sub-workspaces. In Team Workspace Root workspaces, this role allows users to create their own team workspaces.

Zone Administration

Has all rights associated with access control.

Understanding Default Entry Roles

Role

Description

Read

Can read the entry.

Read and Reply

Can read the entry and add comments or replies to the entry.

Write

Can read the entry, add comments or replies, and modify the entry.

Delete

Can read the entry, add comments or replies, modify, and delete the entry.

Change ACL

Can read the entry, add comments or replies, modify, and delete the entry. This role can also modify the access control settings of the entry.

2.3.2 Assigning a User to a Role

To assign a user to a particular role for every place on the Vibe site:

  1. Log in to the Vibe site as the Vibe administrator.

  2. Click the Settings icon in the upper right corner of the page, then click the Administration Console icon .

    The Administration page is displayed.

  3. Under System, click Access Control for Zone Administration.

    Configure Access Control for a zone

    A basic Vibe site consists of a single zone. Novell Vibe allows you to set up multiple zones in a single Vibe site. For more information about creating multiple zones, see Section 16.0, Setting Up Zones (Virtual Vibe Sites).

  4. Add the user to whom you want to grant the site-wide role to the Access Control table.

    For information on how to add users to the Access Control table, see Adding Users to the Access Control Table in the Novell Vibe 3.2 Advanced User Guide.

  5. Add the role that you want to grant to the Access Control table.

    For information on how to add roles to the Access Control table, see Adding Roles to the Access Control Table in the Novell Vibe 3.2 Advanced User Guide.

  6. Click Save Changes, then click Close.