Open Source Document Management System | OpenKM

Hi all,
To use okm (4.1 build 1683, WinXP) I need to check if it works with simple 3-level rights system.
I think it is quite common one:
Each department has it's own folder (ie: dpt1 dpt2 ...). The users native to the folder can read-write in the folder, others could read-only, and some of the users could not see the folder.

I created dpt1-s and dpt1-p groups to give different users read-write and read-only permissions.
So far it fails... I can see the member of dpt1-p (read-only permissions) can publish and modify files inside dpt1 folder. The user has no permissions to write in it but it does :-/
What am I doing wrong?
What is the way to apply such a system?

bighen

4.1 build 1683, WinXP

have you propagated UserRole to it repository ?

Do you mean if dpt1 user, a member of dpt1-p(read-only) is also the member of UserRole?
Yes, it is, but there is no special permission for UserRole in dpt1...
Here is the whole security system:

okm:root AdminRole R v W v
UserRole R v W x

okm:root/dpt1
dpt1-p R v W x
dpt1-s R v W v


User: jdoe [UserRole, dpt1-p]

So why a member of dpt1-p can write in dpt1 folder???

Sorry guys, my fault.
I made that system a bit complex and get lost in it...

The permissions set as described work well as they should...

bighen

OK,

In version 5.0 we've introduced delete and security permissions ( only for your information )