IBM FileNet P8, Version 5.2.1

Recovery bins

A recovery bin is an object that you use to store objects that you want to delete so that those objects can be recovered.

When an object is moved to the recovery bin, it is marked for deletion. Each object store can have one or more recovery bins, and you can create new bins any time you want. You might want to use more than one recovery bin to separate items that are marked for deletion into categories to make recovering objects easier. If you configure more than one recovery bin, then whenever an object is marked for deletion, the user is prompted to choose a bin to put the object in.

Restriction: Do not configure FileNet® P8 recovery bins for object stores that contain documents under the control of a records management system, such as IBM® Enterprise Records, or for the object stores that contain the associated record objects. IBM Enterprise Records requires full control of the deletion process.

If an object that has a cascade relationship with other objects is marked for deletion, then those other objects are also marked for deletion, along with any other objects those objects have cascade relationships with (this process is called a cascading deletion). A cascading deletion continues until all objects with cascade relationships in the hierarchy under the original object are marked for deletion. However, if an object contains a cascade relationship with an object in a different object store, the object in the different object store is not marked for deletion. Marking an object for deletion works only with the entire version series of a document, so a single document of a series that has multiple versions cannot be marked for deletion. During a cascading deletion, any objects that cannot be marked for deletion are skipped, but the deletion process continues for other objects.

When an object is marked for deletion, any outstanding requests such as publish requests, thumbnail requests, content-based retrieval indexing, and migration to a fixed content device are continued until the request is complete.

Objects that are marked for deletion can be recovered. When you recover an object, it reappears in all folders that it was filed in before it was marked for deletion. Even though an object is marked for deletion, its properties can change if the properties of the class of the object are changed. In that case, if the object is recovered, then the new property values show up (not the values the object had before it was marked for deletion). When an object is recovered, all permissions are left the same. Those permissions do not depend on what user recovers the object.

A user can use the empty recovery bin option to permanently delete all the objects in a recovery bin. When a user empties a recovery bin, all objects in the selected recovery bin are permanently deleted as long as the user has the correct permissions. Emptying a recovery bin is also subject to other normal deletion restrictions, such as legal holds.

When an object is marked for deletion, a placeholder item is created in the recovery bin. This item is called a recovery item. To query a recovery bin, the user must have read permission on the recovery items. To recover an object from a recovery bin, the user must have delete permission on the recovery item, and read permission on the object the user is trying to recover. To permanently delete an object in a recovery bin, the user must have delete permission on the recovery item and delete permission on the object.

If a user moves an object to the recovery bin, it is marked for deletion, along with any other objects that have a cascading relationship with it. When objects are marked for deletion, they are no longer visible to users through a query or navigation. To users, it appears that the objects do not exist. However, the permissions can still be inherited from those objects. To avoid unexpected permissions on objects, you should not move to the recovery bin objects that are security proxies. Instead of moving them to the recovery bin, permanently delete such objects. If administrators suspect that an authorization problem might be caused by a security proxy object that has been marked for deletion, they can grant themselves temporary View Recoverable Object permission on the object store, so that they can find the objects and delete them.

Restriction: Mark-for-deletion is not supported for compound documents.