Friday, December 12, 2008

Documentum Client Capability

Client(Webtop, Desktop, Customized Client based on DFC, DFS)에서 접근시 계정별 기본 접근 권한이 정의되어 있어서 사용자가 작업 할 수 있는 기능에 제한을 두는 것이 Client Capability이다.

Client Capability

1. Consumer : can search, view and copy documents and forward tasks in workflows. default capability.
2. Coordinator : Consumer + create cabinet, workflows, and virtual documents and view hidden objects.
3. Contributor : Coordinator + create documents and folders, modify regular documents and virtual documents(including checkin and checkout), and delete documents
4. System Administrator : Contributor + can manage Content Server, repository, and users and groups.

Thursday, December 11, 2008

r_object_id의 구성

Documentum의 dm_sysobject의 하위 Object들의 Key값은 r_object_id로 구성된다.
r_object_id의 구성은 16자리인데
그 중 2자리는 Object Type, 6자리는 Repository ID, 8자리는 Unique ID값들로 구성된다는것을 알고 있다면 Documentum을 이해하는데 도움이 된다. 약간 MOSS와 비슷한 느낌도 있지만 어쨋든 독특한 시스템인 것 같은 생각이 든다.

ex)0900271280000beb
Type Repository ID Unique ID
09 002712 80000beb Hex값

Object Type들의 종류로는
00 dmi_audittrail_attrs
03 dm_type
05 dmr_containment
06 dmr_content
08 dm_application
08 dm_job
08 dm_procedure
08 dm_query
08 dm_script
08 dm_smart_list
09 dm_document
0b dm_folder
0c dm_cabinet
0d dm_assembly
10 dm_method
11 dm_user
12 dm_group
19 dm_registered
1f dmi_index
26 dmi_registry
27 dm_format
28 dm_filestore
28 dm_store
2c dm_distributedstore
2e dmi_type_info
2f dm_dump_record
30 dmi_dump_object_record
31 dm_load_record
32 dmi_load_object_record
37 dm_relation
3a dm_location
3b dm_fulltext_index
3c dm_docbase_config
3d dm_server_config
40 dm_blobstore
41 dm_note
45 dm_acl
46 dm_policy
49 dmi_package
4a dmi_workitem
4c dm_activity
4d dm_workflow
53 dm_literal_expr
5e dm_federation
5f dm_audittrail_acl
5f dm_audittrail_group
5f dm_audittrail
66 dm_alias_set
6a dmi_dd_attr_info
0b dm_taxonomy
0b dm_xml_application
6b dm_display_config
20 dmi_sequence

[DQL]Object Security 관련 Sample Query

SELECT r_accessor_name, r_accessor_permit
FROM dm_acl
WHERE object_name = (
SELECT acl_name
FROM dm_document
WHERE r_object_id = '0900271280000beb')
AND owner_name = (
SELECT acl_domain
FROM dm_document
WHERE r_object_id = '0900271280000beb')

SELECT acl_name, acl_domain
FROM dmi_type_info
WHERE r_type_name = 'dm_document'

SELECT acl_name, acl_domain
FROM dm_folder
WHERE object_name = 'Temp'

SELECT acl_name, acl_domain
FROM dm_user
WHERE user_name = 'dmadmin'

[DQL]Group 관련 Sample Query

SELECT group_name, group_address, owner_name, group_admin
FROM dm_group
WHERE group_name = 'docu'

SELECT group_name
FROM dm_group WHERE ANY i_all_users_names = 'dmadmin'

SELECT group_name
FROM dm_group
WHERE group_class = 'role'

[DQL]User관련 Query Samples

Documentum Query Language 중 User 생성과 관련된 Sample Query

#사용자별 문서 등록 현황
SELECT owner_name, count(*)
FROM dm_sysobject
WHERE r_object_id like '09%'
GROUP BY owner_name


# User 관 련 Sample Querys
SELECT user_name, user_login_name, user_address, description, home_docbase, user_state
FROM dm_user
WHERE user_login_name = 'gildong'

CREATE dm_user object
SET user_name = 'Gil-Dong',
SET user_login_name = 'gildong',
SET user_address = 'gildong@help.me',
SET user_group_name = 'docu',
SET user_source = 'inline password',
SET user_privileges = 2,
SET client_capability = 4

CREATE dm_folder object
SET object_name = 'gildong',
SET owner_name = 'Gil-Dong'

UPDATE dm_user objects
SET default_folder = 'Cabinet/gildong'
WHERE user_login_name = 'gildong'

#lists the inactive users in repository
SELECT user_name, user_login_name
FROM dm_user
WHERE user_state = 1 OR user_state = 3

SELECT user_name, user_privileges, user_xprivileges
FROM dm_user
WHERE user_login_name = 'gildong'

#LDAP 설정 정보 조회
SELECT object_name
FROM dm_ldap_config