Content Manager 23.3 Content Manager

Record Type Access Controls and security

Content Manager has a concept of Record Type definitions. These enable a user of user type Administrator to define default settings and behaviours for the different types of information items that an organisation wants to manage - for example, whether the records can be electronic, which titling method a record uses, what attributes can be assigned to a record at creation etc.

Access Control for the Record Type itself

As part of the Record Type definition, the system administrator can set Access Controls for the Record Type definition itself - that is, who can use this definition for the creation of new records, who can make changes to the Record Type definition, who can change Access Control on the Record Type definition and who can remove the Record Type definition.

The setting in this area that will affect the day-to-day management of information by users is Can Use.

If a user is not included in this Access Control, they will not be able to create new records of this type.

Default security and Access Controls for records of this Record Type

The system administrator can define a security level and caveat(s) profile for each Record Type which will be inherited by the records that are created using this Record Type.

In addition to the default security level and caveat, the system administrator can define default settings for Access Controls on the records created.

Default Access Control inheritance

The Record Type administrator can select one of the following Access Control inheritance settings for new records created with a particular Record Type.

See Combined Copy Style options.

Set access control on the created item to be the same as this one
Set access control on the created item to unrestricted
Set access control on the created item to Based on Container
Set access control on the created item to the Record owner

The Access Controls to be inherited from this setting are entered for the Record Type using the same setting as for individual records:

View Document - see View Access Controls
View Metadata - see View Access Controls
Update Document - see Update Access Controls
Update Record Metadata - see Update Access Controls
Modify Record Access - see Modify Record Access permission
Destroy Record - see Destroy Record Access Control
Contribute Contents - see Update Access Controls.

Copy Style

In addition to being inherited by the individual items that are created, the Access Controls defined in the default section of the Record Types can also be used in addition to the individual record Access Controls.

This means that when the default Access Control for a Record Type is set to Group A, all users wanting to access individual records of this type must be a member of Group A in addition to any Access Controls assigned to the individual record.

Related information