Overview

Document permissions are determined by the Subversion server. Here's why :

Think client-server. There are 2 databases used in parallel behind RocketDMS: The subversion repository to store documents and changes and an SQL database to store extra document info like meta-data and fulltext indexes.

The core of the permissions system is what the subversion server/repository allows you to do with files stored in it. By default the subversion repository will allow global read/write to everyone.

Set up your document permissions in this order:

1. Permissions for documents are controlled by the subversion (document repository). The (mysql/sqlite) database is used by the RocketDMS program to store all of the indexes and metadata. The (sqlite/mysql) database has only a single username for use by the program.

Create and configure the required users/passwords/permissions in your subversion repository.

How you do this will depend upon the particular subversion server that you use. The authentication is part of the subversion server used. For a file based repository ( SVN repository URL starting with 'file:///')  there is no server and hence no authentication. In this case the usernames and passwords are ignored by subversion. (But still used by the RocketDMS client to control who can use what components of the program.)

It is the subversion repository usernames/passwords that you use as RockertDMS logins.

2. RocketDMS then takes note of these usernames. The 'Users' tab in the configuration lets you set up permission for these users. These are the RocketDMS permissions that control what that user can see and do within the RocketDMS client. Nothing to do with the subversion repository (document database) in the back end.

The reason for this is that RocketDMS is a subversion client in the sense that it uses a subversion repository as the database to store documents. ( Exactly analogous to any program that uses, say, a Microsoft SQL database server for it's data storage.  Like an SQL database server there are many other client programs that can also access the same database. You want the authentication controlled at the server.   ) 

In this case you don't want people using another subversion client to bypass what they can not do via RocketDMS.

Subversion Users, Passwords and Permissions (VisualSVN Manager)

This is where you set all usernames, passwords and document access permissions.

Start the  VisualSVN Manager GUI Start->Programs->VisualSVN->VisualSVN Manager
Select the Users section:

Right click on Groups to create and maintain user groups.

Right click on Users to set passwords.

Right click on the repository (default install is rocketdms_docs) to apply users, groups and permissions.

RocketDMS Client Program Permissions

This is where you manage who can see and use the various components of the RocketDMS program.

Start the configuration program, Start->Programs->Pikaia->RocketDMS->Configuration.
Navigate to the Users tab:

Click the Users button. Add the same usernames as were created in the subversion server. Place the usernames in one or more groups, comma separated. Keep it simple and copy the included examples until you are sure of what you are doing.

These usernames are authenticated against the subversion server and will use the subversion passwords.

How do these RocketDMS program permissions work?

You will note that there are 4 buttons labelled Permissions Components, Permissions, Groups and Users.

 The RocketDMS program permissions are built up from the bottom up in this way:

1. Permissions Components : We supply you with a list of all components or parts of the program that can be controlled. You can view this list but you should NOT edit the permissions components list. We will automatically add to this permissions components list as the program develops new features. Take a note of the code value for each component you will use this code in the Permissions list. 

2. Permissions : You may edit this list to create your basic system permissions. Each permission controls one or more of the permissions components (codes listed comma separated). You give each of your permissions a unique code. Take a note of the code value for each permission you will use this code in the Groups list.

3. Groups: Groups are sets of permissions. Each group has a unique code. The default install has these groups : readonly, readwrite, everyone, admin and superuser.

4. Users: Users are assigned to one or more of the permissions Groups. 

For most purposes the default permissions and groups should provide most of what you require without any changes. 

Important Note : Any username that is not listed in the Users list will automatically be placed in the Everyone group. This means that you do not have to add every new user into the RocketDMS program permissions. Edit the Everyone group to have the permissions that you require for your default users. It will only be the exceptions that you have to explicitly add to the Users list.

In general , users will be added/maintained/removed using the Subversion Manager program.