Content and Space permissions in Jive are stored in various database tables. This article explains the purpose of these database tables and how they work together to manage permissions.
Permission settings are stored in the application database and distributed in multiple tables. The table below provides a brief description of the permission related database tables. You can also click on the table's name to find its detailed schema.
|creationdate, permlevelid, creatorid, description, modificationdate||Stores the custom permission levels that have been created.|
|system, permlevelid, name||Stores the description of permissions against the permission level ID.|
|objpermlevelid, name, description, lvltype, objtype||Stores the permission level definitions for objects.|
|extender, creationdate, objpermlevelid||Stores the extension information of object permission levels (jiveobjpermlvl), for example, which plugin extended it and when.|
|name, contextid, type||Stores the extension context details such as extender and the type.|
|extender, creationdate, objpermlevelid, permlevelid||Links the object permission levels (jiveobjpermlvl) to a permission level (jivepermlevel) as well as the extension context.|
|objpermlevelid, objtype||Stores any default permissions that are given to a perm level when it is set on a particular object.|
|name, mask||This is much like object permission levels (jiveobjpermlvl), except you can store individual linking - so it is a mask as well as an object type - useful, for example, for the advanced options when you are creating a custom level.|
|extender, creationdate, objtype, mask||Links the entitlement masks (jiveentitlementmsk) to the extension context (jiveextcontext).|
|extender, creationdate, objpermlevelid, mask||Links the objects’ permission levels (jiveobjpermlvl), entitlement masks (jiveentitlementmsk), and the permission extension contexts (jiveextcontext).|
|permlevelid, objtype, mask||Links the entitlement masks (jiveentitlementmsk) to permission levels (jivepermlevel).|
|grantedid, permlevelid, grantedobjecttype, targetobjecttype, targetobjectid||Stores the permission levels that particular objects (like users) have on target objects (like spaces).|
Below diagram presents a visual overview of how these tables are connected:
As visible in the diagram above, the majority of the data relations are consolidated within the jivepermlvlmsk and jiveobjtypemsk tables, which in turn end up in the jiveentitlementmsk table. The jiveentitlementmsk table finally relates to jiveentitlement table, which is where the application starts checking for the permissions at the runtime.