Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 6 Managing Permissions to Objects : Setting Up Default Permissions

Setting Up Default Permissions
What are Default Permissions?
Default permissions are permissions granted automatically to a user ID or group when an object is created. When you want to control access to your newly created objects, setting up default permissions saves you from having to manage permissions to many individual objects.
To set up default permissions, define a default permissions list using the Specify Permissions Lists interface, available from the Security Management main menu. For more detail, refer to Creating and Accessing a Default Permissions List.
Who Can Specify Default Permissions?
You can specify default permissions for objects created by:
Your security administrator or a system administrator can also set up default permissions for your user ID.
As the object owner, you have the final word in allowing or denying others access to objects you own, subsequent to their creation when default permissions were applied. Changing default permissions does not affect permissions to your existing objects. You should change permissions to existing objects as described in Adding and Updating Default Permissions for Objects.
Default Permissions for Your User ID
You can specify default permissions for your user ID, so that you automatically assign others access to new objects you create. For example, you can set up a default permissions list that provides user SMITH with VIEW_DEFN, INSERT, and REPLACE access rights to new tables you create. When you have saved the default permissions list, any time you create a table, SMITH is automatically given VIEW_DEFN, INSERT, and REPLACE accesses to it.
Default Permissions for a Security Group
You can set up default permissions for a security group for which you have responsibility so that every time someone operating out of this group creates a table, all members listed in the default permissions list are given the specified accesses to it.
For example, the default permissions for the APDEV security group could specify that an object created by a member operating out of this group has the accesses shown in the table below assigned to it automatically, for the specified users and groups.
When you specify a security group as your current group, new objects you create while you operate out of this group are also assigned the default permissions for that security group.
Assignment of Default Permissions at Object Creation
When you create an object, default permissions are assigned in the order below.
If default permissions for objects of the type created are specified for the virtual group ALL, these defaults are applied first.
If default permissions for objects of the type created are specified for the current group, these defaults are applied next. These defaults could override the defaults applied at the previous level.
If default permissions for objects of the type created are specified to the user ID, these defaults are applied last. These defaults could override the defaults applied at the previous levels.
Effects of the Value for Current Group
The value of your current group affects how default permissions are assigned:
If your current group is set to null, new objects you create during the session are assigned the default permissions specified for ALL and each user ID.
If you specify a current group (for example, APDEV) for your session, new objects you create during the session are also assigned the default permissions specified for that Security Group.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved