acl (Domino DTD)

Defines the structure of an access control list (ACL) in a Domino database. The ACL is unique in that it is similar to a design note, but behaves as a separate object that holds information in a Domino database. In DXL, the ACL is treated as a root element, which enables you to manipulate it independently, without having to import or export an entire database.

The ID of the person importing a database in DXL must be listed as having manager access in the ACL of the database for the ACL information in the DXL to be imported.

For more information on ACLs, see section.

Containment Hierarchy

Contained by: <database>

Contains: <role>, <aclentry>, <logentry>

Syntax

<!ELEMENT acl ( role*, aclentry+, logentry* )>

Content

role* , aclentry+ , logentry*

Contains any number of <role> elements, followed by one or more <aclentry> element(s), then any number of <logentry> elements.

Attributes

<!ATTLIST acl

%root.attrs;

adminserver

%string;

""

adminservermaymodify

%acl.adminservermaymodify;

"none"

adminreaderauthor

%boolean;

"false"

consistentacl

%boolean;

"false"

maxinternetaccess

(%acl.levels;)

"editor"

>

adminreaderauthor

If true, modifies the Readers/Authors fields to reflect ACL changes. Default is false.

adminserver

Name of the server that updates the names in an acl through the administration process. This server also handles the locking and unlocking of documents in a database.

adminservermaymodify

Levels of access you can set for the administration server of a database. These options are defined in the %acl.adminservermaymodify; entity.

consistentacl

If true, enforces a consistent access control list across all replicas of the database. Default is false.

maxinternetaccess

Specifies the desired maximum acl level for users accessing the database via the Internet. Default level is editor.

Defined entity for <acl> element

The %acl.adminservermaymodify; entity lists the level of access that an administration server for a database has to the database's Names, Author, and Reader fields. These options are set on the Advanced tab of the Acess Control List Properties box.

Syntax:

<!ENTITY % acl.adminservermaymodify "none | authorreaderfields | namesfields">

none

Specifies that the administration server for the database cannot modify the database's Names fields.

authorreaderfields

Specifies that the administration server for the database can modify the database's Author and Reader fields.

namesfields

Specifies that the administration server for the database can modify the database's Names fields.

Example