If I understand your request correctly, you would express this
configuration as:

<role id="repository-admin">
<operation id="com.ibm.team.scm.server.modifyStream">
<permissions>
<action id="any"/>
</permissions>
</operation>
</role>
<role id="repository-contributor>
<operation id="com.ibm.team.scm.server.modifyStream">
<permissions>
<action id="modify">
<action id="stream">
<action id="attributes">
<action id="any">
</action>
</action>
</action>
</permissions>
</operation>
</role>


- Jared


bhadrim wrote:

Hi,

I am trying to define new roles and assign access on operations to
these roles.

The scenario I am trying out is to create two roles repository-admin
and repository-contributor. The repository-admin role must have
access to perform Create/Read/Update/Delete on the stream object and
the repository-contributor must have access to perform Read/Update
the stream object.

I am unable to create the above access control policy because
modifyStream is the only operation I see when I use content assist.
Am I missing something or Is there a workaround to create the above
policy?

Thanks in advance.

Currently, the only way to find out the action ids is to use code-assist
(ctrl+space) in the editor. We realize that this isn't optimal and will
be improving it over time.

- Jared

bhadrim wrote:

Thanks. Yes something along the lines, but not for the attributes but
for the components as shown below. But how can I know the nesting
action ids. If it is documented can someone point me to the document.
Thanks.

operation id="com.ibm.team.scm.server.modifyStream"
<permissions
<action id="modify"
<action id="stream"
<action id="component"
<action id="any"/
</action
</action
</action>
</permissions
/operation