The display and setting of permissions when using MFDS Internal Security differs from that of other security managers. In its model, you cannot create resource entities, or define Access Control Lists for them. Instead there is a predefined set of permissions, which you view and set through the permissions tab when editing user groups. Users inherit their permissions from the groups to which they belong.
The instructions below are for setting permissions for a group. For instructions on adding users to groups, see To assign one or more users to a user group and To assign a user to one or more user groups.
The permissions are displayed in an inverted tree structure. Those on lower branches include the permissions on the branches from which they descend. For example, the permission to restore a repository includes the permission to import a repository. Therefore, restore is shown as a descendant of import.
When you grant a particular permission, any permissions that it includes are automatically granted. Hence, when you check the Restore Repository permission, the Import Repository permission is automatically checked as well.
Where a check box for a permission is greyed out, it indicates that the permission is included by other permissions that have been granted to the group. To revoke a permission that is included by others, you must first revoke those other permissions.