Changed default permissions to old behaviour

keeps · Jan 11, 2024 · 0047316 · 0047316
1 parent b84efb8
commit 0047316
Showing 1 changed file with 16 additions and 14 deletions.
diff --git a/roda-core/roda-core/src/main/resources/config/roda-core.properties b/roda-core/roda-core/src/main/resources/config/roda-core.properties
@@ -522,7 +522,9 @@ core.synchronization.scheduleInfo=0 0 * * *
 core.aip.lockToEdit=false
 
 ##########################################################################
-#User and group permissions regarding creations of aip
+# User and group permissions regarding creations of aip
+# It is possible to change how permissions are granted
+# to users and groups.
 ##########################################################################
 # Direct creator permissions
 #core.aip.default_permissions.creator.permission[] = CREATE
@@ -531,15 +533,15 @@ core.aip.lockToEdit=false
 
 # Admin users or groups so AIPs can be administered
 #core.aip.default_permissions.admin.user[] = admin
-core.aip.default_permissions.admin.group[] = administrators
+#core.aip.default_permissions.admin.group[] = administrators
 
-core.aip.default_permissions.admin.group[].administrators.permission[] = READ
-core.aip.default_permissions.admin.group[].administrators.permission[] = UPDATE
-core.aip.default_permissions.admin.group[].administrators.permission[] = CREATE
-core.aip.default_permissions.admin.group[].administrators.permission[] = GRANT
-core.aip.default_permissions.admin.group[].administrators.permission[] = DELETE
+#core.aip.default_permissions.admin.group[].administrators.permission[] = READ
+#core.aip.default_permissions.admin.group[].administrators.permission[] = UPDATE
+#core.aip.default_permissions.admin.group[].administrators.permission[] = CREATE
+#core.aip.default_permissions.admin.group[].administrators.permission[] = GRANT
+#core.aip.default_permissions.admin.group[].administrators.permission[] = DELETE
 
-# Additional group permissions
+# Additional non super group permissions
 #core.aip.default_permissions.group[] = archivists
 #core.aip.default_permissions.group[] = producers
 #core.aip.default_permissions.group[] = guests
@@ -553,18 +555,18 @@ core.aip.default_permissions.admin.group[].administrators.permission[] = DELETE
 #core.aip.default_permissions.group[].guests.permission[] = READ
 
 # Intersect creator groups with the configuration groups
-core.aip.default_permissions.intersect_groups = true
+#core.aip.default_permissions.intersect_groups = true
 
 # System expects a minimum set of direct or indirect permissions for the creator
 core.aip.default_permissions.creator.minimum.permissions[] = UPDATE
 core.aip.default_permissions.creator.minimum.permissions[] = READ
 
 # Default permissions for the old behaviour
-#core.aip.default_permissions.creator.permission[] = READ
-#core.aip.default_permissions.creator.permission[] = CREATE
-#core.aip.default_permissions.creator.permission[] = UPDATE
-#core.aip.default_permissions.creator.permission[] = DELETE
-#core.aip.default_permissions.creator.permission[] = GRANT
+core.aip.default_permissions.creator.permission[] = READ
+core.aip.default_permissions.creator.permission[] = CREATE
+core.aip.default_permissions.creator.permission[] = UPDATE
+core.aip.default_permissions.creator.permission[] = DELETE
+core.aip.default_permissions.creator.permission[] = GRANT
 
 ##########################################################################
 # User registration settings