From the beginning in version 1, cattaDoc had basic access control. Version 2 added enhanced permission control to cattaDoc. Enhanced permission control is optional, you´ll have to enabled it to take advantage of its facilities.
In this document:
Basic access control is enabled by default in cattaDoc. It divides all users in cattaDoc into 3 categories:
Enhanced permission control is built on top of basic access control. It does not replace basic access control, but enhances it. Enhanced permission control adds granularity to basic access control: With enhanced permission control you can define permissions or access control lists (ACL) to every individual object in cattaDoc. You can define that a certain group of users have author rights to a document, while others only have reader rights or cannot even see it. And this is not limited to documents: It also includes projects, companies and contact persons.
Enhanced permission control is based on on the Unix/Linux security scheme where each object belongs to one group so that you can define access rights for users belonging to this group combined with another set of access rights for all others. The access rights - or permissions - are:
These permissions can be defined for own group and for others, i.e. for all other groups. One typical scenario is where own group has author access and others have reader access.
In addition, all objects have an owner, by default the object creator. The owner can always change permissions for the object, even though the group he or she is assigned to may only have author permissions.
Users belong to one or more groups. For access rights, all the groups are equal. One of the groups, however, are defined as the user's primary group. Objects created by the user inherits by default the user's primary group. This can, however, be changed afterwards.
Basic access control still applies when working with enhanced permission control:
Read more about how you work with enhanced permission control in cattaDoc.
Enhanced permission control is an obvious choice in a number of cases:
All this can be accomplished in cattaDoc, but only through the use of enhanced permission control.
In principle, there should be a little performance penalty in using enhanced permission control. For every action and every event there are more checks and control mechanisms. More joins between tables in the database are necessary when using enhanced permission control. However, in reality this potential performance penalty is marginal, if at all measurable.
But in general: Only use enhanced permission control if you need it.