CMIS ACL

When oauth authentication is activated for the tia ContentServer core CMIS, ACL is also activated.

For this purpose, corresponding roles are checked/mapped in the access token.

These roles can get configured in the repository.cfg file:

<Repo>.authentication.cmis.openid.roles.admin = #default: tia-cloud.core-fullaccess
<Repo>.authentication.cmis.openid.roles.writer = #default: tia-cloud.core-readwrite
<Repo>.authentication.cmis.openid.roles.reader = #default: tia-cloud.core-readonly

Here is an overview of the CMIS basic permissions and the token roles required for them:

CMIS basic permission	Token role

CMIS basic permission	Token role
`cmis:read`	reader, writer, admin
`cmis:write`	writer, admin
`cmis:all`	admin