searchbox has as default a basic user and groups management capability and can assign to every object it manage (Sources, Archives, etc.) an ACL list. Every user or group has can have its own private data and can share it with other users or groups defined into the system through the ACL mechanism.
The user management section is accessible by any user who has administration privileges from the menu item.
The popup window shows the following tabs:
From this tab new users can be added to searchbox. With the Administration privileges checkbox checked the user can modify every object of the current searchbox Engine instance.
Any user can be optionally joined to an existing group (testgroup in the above example). In this case such user inherit all privileges granted for that group.
Root ACL are basic permissions that are given to users and groups about the creation and configuration of searchbox objects. These ACLs can be of three types:
Browsing ACL - Specifies the Browsing root ACL. This ACL controls the rights to enumerate users and groups, and create new collections and watches.
Gathering ACL - Specifies the Crawling root ACL. This ACL controls the rights to create new sources and archives.
Processing ACL - Specifies the Processing root ACL. This ACL controls the rights to create new metadata templates.
In the following table for all possible status of Read/Write flags of each ACL type the list of involved objects and the related types of actions are shown.
Table 7.1. Root ACL schema
| ACL | Sources | Archives | Collections | Watches | Templates | |||||||
| R | W | add/del/edit | view | add/del/edit | view | add/del/edit | view | add/del/edit | view | add/del/edit | view | |
| Gathering | Deny | Deny | no | no | no | no | - | - | - | - | - | - |
Allow | Allow | yes | yes | yes | yes | - | - | - | - | - | - | |
Allow | Deny | no | yes | no | yes | - | - | - | - | - | - | |
| Browsing | Deny | Deny | - | - | - | - | no | no | no | no | - | - |
Allow | Allow | - | - | - | - | yes | yes | yes | yes | - | - | |
Allow | Deny | - | - | - | - | no | yes | no | yes | - | - | |
| Processing | Deny | Deny | - | - | - | - | - | - | - | - | no | no |
Allow | Allow | - | - | - | - | - | - | - | - | yes | yes | |
Allow | Deny | - | - | - | - | - | - | - | - | no | yes | |
Note
The above root ACLs does not take into account the dependences between objects because the actual possibility to view/edit behaviours of an object depends also from the ACLs of other object from which it is connected to (i.e. It is not possible to create an Archive associated to a Source if we does not have read permissions on it).
Selecting one of the Root ACL tabs the following configuration window will be shown.
The accessing rules for each user or group added to Users or Groups list are configured checking the corresponding checkboxes in the Access section.
Once a searchbox object is created the owner can assign to it a specific ACL to let other users to operate on it.
Each searchbox object has its own ACL list that can be configured through the ACL tab of the configuration panel.
As shown in the above picture all objects have associated their own list of users and/or groups with the corresponding access permission (read/write). The configuration panel is the same of Root ACL.