Developer Documentation Library > Interviewer - Server > Administration and maintenance > Databases > Project (case data) databases > Setting permissions
 
Setting permissions
The <Access Control> section of Interview.Config.xml assigns case database access permissions to UNICOM Intelligence Interviewer - Server Admin users and roles. You can also set default permissions for all users or roles. Default permissions automatically apply to all users even if permissions are also set for roles, so do not define any default unless you want them to apply to all users. The exception is when the same permission is set with different values at both levels. In this case, the role-level setting overrides the default for that role only.
The following example specifies default permissions such that all users can activate using only the database specified in the project's connection string. Members of the DPMAdmins role can also create new databases with the same name as the project or with any other unique name of their choice. Members of the ScriptGroup1 role inherit the default of being able to use the project name from the connection string, but can also create new databases with the same name as the project. They cannot create new databases with any other names:
<AccessControl>
<Default>
<Presets>
<ProjectDatabases>
<Permissions>
<Permission name="CanCreateNewProjectDatabase" allow="false" />
<Permission name="CanCreateNewCustomDatabase" allow="false" />
<Permission name="CanUseConnectionStringDatabase" allow="true" />
</Permissions>
</ProjectDatabases>
</Presets>
</Default>
<Roles>
<Role name="DPMAdmins">
<Presets>
<ProjectDatabases>
<Permissions>
<Permission name="CanCreateNewProjectDatabase" />
<Permission name="CanCreateNewCustomDatabase" />
</Permissions>
</ProjectDatabases>
</Presets>
</Role>
<Role name="ScriptGroup1">
<Presets>
<ProjectDatabases>
<Permissions>
<Permission name="CanCreateNewProjectDatabase" />
</Permissions>
</ProjectDatabases>
</Presets>
</Role>
</Roles>
</AccessControl>
If a permission is not assigned to a role either specifically or by inheritance from the defaults, members of that role do not have that permission.
In the example, the default Permission settings have an "allow" attribute whereas those for roles do not. You can include the "allow" attribute in role settings, and can set it to true or false. If you omit the attribute, as in the example, it defaults to true.
See also
Project (case data) databases