4.7.2.2 Default access control values

Access rights in BSCW are dynamically derived from "access control values", combining default access control values and access control values that are explicitly (manually) assigned (see section 4.7.5).

BSCW's default access control values implement three basic rules:

1. All members of a shared Workspace have all access rights to all objects in this Workspace -- with three exceptions:
1. The right to explicitly assign access control values for an object is held exclusively by the owners of the object.
2. The right to irreversibly destroy an object on the BSCW server is held exclusively by the owners of the object (see section 3.6.2).
3. The right to [Modify] a Note object is held exclusively by the owners of the object.
2. Non-members ('Other users ...') have no access rights for the shared Workspace and the objects in it.
3. If invited as a member, the user anonymous has only 'read' access rights for the Workspace and the objects in it.

Except for 1.1. and 1.2., you may override the default access control values that implement these rules, by manually assigning different access control values, thus modifying BSCW's default access rights.

Modified access control values for a Folder, Meeting or Discussion object are "inherited" by the objects they contain (see section 4.7.4 for the exception to this rule).