Document Misc

Document Life Cycle

Each document type can be bound to a life-cycle, which defines the possible:

• States
• Transitions between states

It is not workflow, but workflow usually uses life-cycle of document as one of the state variable of the process, and life-cycle and listeners can be used to simulate simple processes.

Security Management

Always turned on inside repository and verified each time. Relies on a list of unitary permissions to grant / deby access. Permissions and permission groups can be extended.

Security is based on ACL model. It includes

• Document -> (1) ACP (access control policy)
• ACP -> (1..n) ACLs
  • Inheritance
    • by default inherited, i.e. check is done against current document's ACP & all its parent
    • inheritance can be blocked
  • type of ACL
    • 1 default ACL : one managed via UI
    • several workflows ACLs : set by workflows (then, when workflow ends, return to default ACL)
• ACL -> (1..n) ACEs (access control entry)
• ACE = (user/group + permission / permission group + grant/deny)

In addition to above, there is a pluggable security policy system so extension can be made to plug custom code to verify security each time it's needed. However note performance penalty and to prevent, security policies can be converted in low level query filters when doing searches.

Indexing and Query

Meta data automatically indexed. Files by default full text indexed. A conversion provides full text conversion from most useful formats.

Configuration can be defined

• what should be put into fulltext index
• define several fulltext indexes

Querys supports

• NXQL : native SQL like query language
  • keyword match on meta-data
  • full text expressions
  • ordering
• CMISQL : normalized query language included in CMIS specification
  • keyword / full text / ordering
  • and cross queries (i.e. JOINS)

No security clauses is required to be written in queries - it's always managed by repository.

Version

Any moment repository can be asked to create and archive a version from a document. It can be configured to be automatic or on demand. Each version has (1) a label (2) major version number (3) minor version number

Proxy

It's like a symbol link in Unix-like OS, points to a document (live or an archived version) and looks like a document from user point of view.

Event System

When repository performs an operation, events will be raised before and after and can be handled by custom handlers.

Handlers can be

• Synchronous - can alter the processing of the current operation (change document, mark the transaction for rollback)
• Synchronous Post-Commit - executed just after the transaction has been committed
• Asynchronous - executed asynchronously after transaction committed

VCS Storage

Document storage is through Nuxeo Visible Content Store (VCS), designed to provide a clean SQL Mapping. This means VCS does a normal mapping between XSD schemas and SQL database:

• Schema -> table
• Simple field -> column
• Complex type -> foreign key to a table representing the complex type

Binary files are in file system via BinaryManager using file's digest and deleted from file system via garbage collector.

VCS provides native Cluster mode so two or more servers can share the same data - just turn on Nuxeo VCS Cluster mode.

Transaction Management

All modifications are done inside a session and saved only when session is saved. In JTA/JCA aware environment session is bound to JCA Connector and be part of the global JTA transaction, saved when the transaction commits.

DocumentModel Adapter

Document is defined by schema and represents business objects - invoices, etc.

DocumentModel allow binding of behaviour (a custom Java class) to the model, so as to

• provide helper methods that compute or update fields
• integrity checks based on business rules
• business methods

Binding can be direct or associated to a facet.

VCS Architecture

Node - represents a complex value with several properties, a property can be

• simple values, or
• collections of scalars (lists usually), or
• other nodes.
• a node is the set of fragments (see below) corresponding to the schema

'hierarchy' table - parent-child information for nodes

• id
• parentid
• pos - for ordered children; NULL if not ordered
• name
• primarytype - type
• mixintypes - facets, multiple valued
• isproperty - is it a child document, or a complex type property?
• isversion, baseversionid, majorversion, minorversion - version

Fragment tables -

• scala properties of one schema (simple fragment)
  • table -> schema
  • each column -> simple property of schema
  • each row -> one document or one instance of complex type
• table corresponding to one multi-valued property of one schema (collection fragment)
  • many rows -> set of values for multi-valued property
  • 'pos' column -> ordering
• Each node has a UUID, in 'id' column

'content' and 'file' table - files and binaries

'relation' table - internal relation between two documents or tags

'versions' table - about versions

'proxies' table - proxies

'locking' - locks

Security - in a dedicated table as one ACL (table 'acls') -> many simple ACEs