Hi everyone,
I need to clarify something on which I fear I have a misunderstanding: updating the ACLs based on the settings of D2 Config, is also retroactive?
I hope to explain myself correctly.
Let's suppose that I have set a "Security template" in D2 Config, parametrized on the value of the a_status field and associated with a specific Context. Let's say, to simplify, that this security sets two possible access levels for the same user group "UsrGrp" based on the value of a_status:
if a_status = A then UsrGrp has Write access,
if a_status = B then UsrGrp has Read access.
In this way Documentum generates two Permission Sets giving them the typical names like "d2_6f ......_ 6a .....1" and "d2_6f ......_ 6a .....2".
The system does its job for some time, until it is established that the "Security template" must be adapted and - for example - set so that:
if a_status = A then UsrGrp has Delete access,
if a_status = B then UsrGrp has Write access.
What happens at this point?
Naively I expected the change to be retroactive, modifying the two Permission Sets "d2_6f ......_ 6a .....1" and "d2_6f ......_ 6a .....2", both already associated with the documents worked up to that moment.
But, in the system I check it seems to me that ... nothing happens: both the old documents and the new ones continue to use the previous setting (Write and Read, instead of Delete and Write).
Maybe the D2JobCore is involved in such a management, with specific parameters?
Thanks in advance for any information and suggestion to make me better understand.
