Basing the Namespace Convention on a Principal 
You can base the namespace in an object ID on the principal (user, group or role) currently creating or changing the object. To use this option, you need to provide an XML file that defines a set of valid namespaces for each principal.
For example, the namespace for a content administrator may be admin.content, whereas a super administrator can select either admin or admin.content.
Procedure
In the NamingConventionsSrv service, set the following properties:
Activate namespaces: true
Mode: user
XML File: The path of the XML file that contains the rules for namespaces.
More information: Configuring the Naming Conventions Service
Create an XML file that defines the rules for namespaces.
The XML file contains the following tags:
Tag
Definition
definitions
The root element
namespace
Defines a namespace.
All principals (users, groups or roles) that are defined in the body of the tag are authorized to use this namespace.
The following attributes are defined for this tag:
Id (required): A namespace
principal
Defines a principal (user, group or role) that is authorized to use the namespace.
The following attributes are defined for this tag:
uniqueName (required): A name of a user (user ID), group (group ID) or role (PCD address).
typeID (required): The type of principal.
Valid values are USER, GROUP or ROLE.
scope (optional): Indicates that the user, group or role is authorized to use the current namespace but no additional namespaces that are defined within subelements.
The examples in this section provide more information.
Place the XML file in the location defined by the XML file property in the naming conventions service.
Result
Administrators can no longer enter any namespace for an object, but must select one of the predefined namespaces.
Example
The following XML file defines rules for namespaces according to the principal creating or changing the PCD object:
Syntax
<definitions> <namespace id="admin"> <principal uniqueName="Administrator" typeId="USER"/> <namespace id="content"> <principal uniqueName="pcd:portal_content/administrator/content_admin/content_admin_role" typeId="ROLE"/> <namespace id="role01"> <principal uniqueName="pcd:/.../content_admin_role_01" typeId="ROLE"/> </namespace> </namespace> <namespace id="system"> <principal uniqueName="pcd:portal_content/administrator/system_admin/system_admin_role" typeId="ROLE"/> <namespace id="role01"> <principal uniqueName="pcd:/.../system_admin_role_01" typeId="ROLE"/> </namespace> </namespace> </namespace> <namespace id="everyone"> <principal uniqueName="Everyone" typeId="GROUP"/> </namespace> </definitions>
The following are the namespaces defined in the XML and the principals (users/groups/roles) authorized to use them:
Namespace |
Authorized Users/Roles |
|---|---|
admin |
Administrator (user) |
admin.content |
Administrator (user) Content Administrator (role) |
admin.content.role01 |
Administrator (user) Content Administrator (role) Content Administrator of Role 1 (role) |
admin.system |
Administrator (user) System Administrator (role) |
admin.system.role01 |
Administrator (user) System Administrator (role) System Administrator of Role 1 (role) |
admin.everyone |
Everyone (group) |
Scope
The scope attribute of the principal tag enables you to authorize a user, group or role for a specific namespace but not for any namespaces defined in subelements.
For example, the following authorizes both the namespaces admin and admin.content for a principal named myUser:
Syntax
<definitions> <namespace id="admin"> <principal uniqueName="myUser" typeId="USER"/> <namespace id="content"> </namespace> </namespace> </definitions>
However, the following uses the scope attribute to authorize for the principal myUser only the namespace admin but not admin.content, or any other namespaces defined for admin within subelements:
Syntax
<definitions> <namespace id="admin"> <principal uniqueName="myUser" typeId="USER" scope="current" /> <namespace id="content"> </namespace> </namespace> </definitions>