Operations and Access Control
Hi,
I am trying to define new roles and assign access on operations to these roles. The scenario I am trying out is to create two roles repository-admin and repository-contributor. The repository-admin role must have access to perform Create/Read/Update/Delete on the stream object and the repository-contributor must have access to perform Read/Update the stream object. I am unable to create the above access control policy because modifyStream is the only operation I see when I use content assist. Am I missing something or Is there a workaround to create the above policy? Thanks in advance. |
3 answers
Jared Burns (4.5k●2●9)
| answered Aug 17 '07, 12:25 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
If I understand your request correctly, you would express this
configuration as: <role id="repository-admin"> <operation id="com.ibm.team.scm.server.modifyStream"> <permissions> <action id="any"/> </permissions> </operation> </role> <role id="repository-contributor> <operation id="com.ibm.team.scm.server.modifyStream"> <permissions> <action id="modify"> <action id="stream"> <action id="attributes"> <action id="any"> </action> </action> </action> </permissions> </operation> </role> - Jared bhadrim wrote: Hi, |
Thanks. Yes something along the lines, but not for the attributes but for the components as shown below. But how can I know the nesting action ids. If it is documented can someone point me to the document. Thanks.
<operation id="com.ibm.team.scm.server.modifyStream"> <permissions> <action id="modify"> <action id="stream"> <action id="component"> <action id="any"/> </action> </action> </action> </permissions> </operation> |
Jared Burns (4.5k●2●9)
| answered Aug 17 '07, 4:46 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Currently, the only way to find out the action ids is to use code-assist
(ctrl+space) in the editor. We realize that this isn't optimal and will be improving it over time. - Jared bhadrim wrote: Thanks. Yes something along the lines, but not for the attributes but |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.