Roles = features, not security. You need to assign these users to the groups that are defined in the ACL.
For example, a user belonging to consumer role will NOT see Edit feature even though he/she might belong to group that has WRITE/DELETE permissions. Alternatively, a user belonging to contributor role will see Edit feature, but will not have permissions to change the document if he/she does not belong to group that has at least WRITE permissions.
Have you read the Content Server Fundamentals guide? You will get your answers to a lot of your questions if you understand the fundamentals of the technology.
I cant guide you b/c I don't know your application. I don't know what roles you have configured; I don't know what groups are used in your security. You have been posting a lot of questions on the forum that you should be able to answer if you take Content Server Fundamentals class.
. I assigned "user_name" to the "abc_searcher" and "abc_searcher_role" roles. When I do a search with her credentials, I get 0 results.
As I said in my previous post, role assignment only impacts the UI. When you do search, search uses permissions on documents. You probably didn't add them to groups that are part of the ACL on the documents.
If you can find it using your system admin acct, then you didn't modify the ACL appropriately. How did you "...in-spite of giving her ACL access Read and assigning it to appropriate ACL"?
Are you sure that abc_acl is assigned to object instances of type abc_local_doc? Simple DQL:
select distinct(acl_name) from abc_local_doc
Then how did you add the user to ACL? Did you modify the ACL definition using DA or did you modify permissions for a specific document?
Who is the user you are trying to add to the ACL? I don't see group_searcher in the ACL definition either.
There are two users in your user-acl-attr-issue.jpg. Is it Lynn or Jennifer that is having problem? You didn't grant Lynn READ, you only grant her BROWSE.
As for the group, I see "dos_searcher" referenced in ACL. You said group_searcher, so this is what I was looking for. Post screenshot of the group membership of "dos_searcher" group to confirm that Lynn is in it.
I still don't see screenshot of the dos_searcher group that shows everyone who is in that group. Stop wasting time by uploading stuff that I didn't ask for.
Add your user directly to the group. I have seen issues when you try to add role to the group.
Not sure what you are asking about "brief it up",
What is your problem again? Your acl has dm_world read. So any documents that have dos_acl assigned to it, anyone can see it. Can anyone else use the simple/advanced search functionality successfully? If not, then maybe its something with your code.
I have run the acl_replication batch file and the FT Integrity batch file that should fix the acl/permissions issue wrt the users etc. dos_processor group has write permissions do i need to do something with it?
for doing basic and advanced search i hope browse/read permissions on the group and acl/permissions set is enough?
do i need to modify the permission set under the users properties?