Each of the seven levels of access in the ACL also has additional privileges that can further refine capabilities of a particular level. These privileges are enabled through the check boxes in the ACL dialog box, just under the Access drop-down. You can see them in Figure 23.12.
Figure 23.12. Access control privileges.
Each of the privileges is explained in the following sections.
This privilege can be changed only for the Author access level and is disabled by default. It can be used to selectively enable or disable an author's ability to create documents in the database. If this privilege is enabled, authors can still read and edit documents in which they are named in an Authors field. ACL entries with Manager, Designer, and Editor access have this privilege enabled by default. For entries with Author access, this is an optional privilege.
This privilege can be used to allow or disallow Authors, Editors, Designers, and Managers the ability to delete documents. If this privilege is disabled for an ACL entry, which is the default, those users and servers won't be able to delete documents. This is an optional privilege for entries with Author, Editor, Designer, and Manager access.
Create Private Agents
This privilege enables you to control the ability to create private agents for an entry in the ACL. Keep in mind that even if you allow users to create private agents, they might not be able to run them because the authority to run agents is controlled by the Agent Restrictions section of the Security tab in the Server document. For more information about running agents, please see the Lotus Domino Designer 6 Help database (designer6_help.nsf). ACL entries with Manager and Designer access have this privilege enabled by default. For entries with Editor, Author, and Reader access, this is an optional privilege.
Create Personal Folders/Views
This privilege enables you to specify whether users can create personal views and folders that are stored on the server. If this is disabled, users can still be authorized to create personal folders and views, but they are stored on their local workstations. ACL entries with Manager and Designer access have this privilege enabled by default. For entries with Editor, Author, and Reader access, this is an optional privilege.
Create Shared Folders/Views
This privilege gives users the ability to create folders and views that can be accessed by other users of the database. This privilege should be used cautiously because it could lead to users viewing documents they shouldn't see. If you grant this privilege, be sure that the users understand view design and security considerations. ACL entries with Manager and Designer access have this privilege enabled by default. For entries with Editor access, this is an optional privilege.
Create LotusScript/Java Agents
This privilege controls a user's ability to create LotusScript and Java agents in the server database. In general, this should be granted only to users who are familiar with database design. Additionally, a user 's authority to run the agents he has created is dependent on the agent restrictions in the Security tab of the Server document. See the Lotus Domino Designer 6 Help database (designer6_help.nsf) for more comprehensive coverage of this topic. I never enable this privilege for end users. ACL entries with Manager access have this privilege enabled by default. For entries with Designer, Editor, Author, and Reader access, this is an optional privilege.
Read Public Documents
This privilege can be enabled to allow users who have been granted either No Access or Depositor access to read documents and use views and folders in which a Domino designer has assigned the property Available to Public Access Users. Any form used to create public access documents must contain a text field named $PublicAccess , and its value should be equal to 1 . ACL entries with Manager, Designer, Editor, Author, and Reader access have this privilege enabled by default. For entries with Depositor and No Access, this is an optional privilege.
Write Public Documents
This privilege enables users to create and edit documents created by forms that have the Available to Public Access Users property enabled. Users with this privilege can create and edit certain documents even though they have less than Author access. ACL entries with Manager, Designer, and Editor access have this privilege enabled by default. For entries with Author, Reader, Depositor, and No Access, this is an optional privilege.
Replicate or Copy Documents
This handy privilege is new in Domino 6 and is used to enable users to copy or replicate the database and/or to copy documents from the database to the clipboard. This privilege is enabled by default for all access levels.
Understanding User Types
The four tabs in the Access Control List are Basics, Roles, Log, and Advanced. We've covered everything in the Basics tab except the User Type drop-down. The use of this field enables you to assign a type to a user, which prevents someone from spoofing the system by pretending to be a name in the ACL that he clearly isn't.
Any name listed in the ACL can be assigned an appropriate user type. For instance, if my name is listed in the ACL as a Person group, I can't access the database because I am a person not a group . The valid user types are
It's normally a good idea to set the user type of each entry in the ACL; doing so improves the security of your database.
Setting Editor Access for Web Browsers
An additional ACL setting affects the level of access that Web clients have to a database. This setting is found in the Advanced tab of the ACL as shown in Figure 23.13. The Maximum Internet Name & Password field defaults to Editor, which is actually the highest level of access that a non-Notes client can have because the Designer and Manager features aren't available from a Web browser.
Figure 23.13. Maximum Internet access in the Advanced tab defaults to Editor access.
You should be sure to check this property for any databases hosted on a Domino server running HTTP to ensure that Internet users can't slip in and gain access to information they shouldn't see.
Enforcing a Consistent Access Control List
Enforcing a consistent access control list is helpful for maintaining an access control list that won't be changed by a user with a replica copy or another server administrator. This option is found on the Advanced tab along with the Maximum Internet option, as shown previously in Figure 23.13. This is useful when administration is decentralized, but the database manager must have central control over access to the database. Configuring and replicating this property throughout your organization ensures that the ACL won't get out of synch. Additionally, it makes the Notes client enforce the ACL locally, meaning that users who have local replicas of a database are constrained by their level of access in the ACL. If you have users with local replica copies of a database and want to add an additional level of security, enable this property.