3rd European CAF Event: CAF Inspiring Change
From: 21 October 2009
To: 23 October 2009
Committee meetings
From: 29 September 2009
To: 30 September 2009

Top Public Managers in Europe
18 September 2009
European Primer on Customer Satisfaction
16 September 2009
Project: Respa
19 August 2009
Project: Arvanitidis Winery
26 July 2009
Project: The Art of Dreaming
06 April 2009


In order to have better control over the documents and to enforce security in the virtual repository, each document is linked to a set of specific control information which is its access rights. Where shared or private documents are concerned, there are three kinds of operation which have the same constraints relating to access control:

  • The read operation :

If applied on a file, the operation downloads it and, in the case of a viewable files (text/plain, text/html, image or video), displays it.

  • The edit operation allows :
    • File uploading
    • Description of a document (title and basic information)
    • Document removal
    • Document versioning.

These different edit actions are equivalent as regards access rights. Administrators who are authorized to edit a directory can create a subdirectory or upload a file to it, as well as describe or delete it. Users authorized to edit a file can edit it on-line, describe it, replace or remove it.


  • The control operation :

The control operation is directly linked to the notion of access rights. If we wish documents to be secure, we have to control the access to them. Not everybody must be authorized to do everything to them. Consequently, each document has specific access rights for reading and editing. Performing a control action on a document involves changing its Read/Edit rights.

The control operation has more restrictive access rights than the other two operations. Only the owner of a document, the privileged owner of the list and the administrator has control rights on a document. Another possible control action on a document is therefore specifying who owns it.