[closed] Custom jazz user view through Web UI
The question has been closed for the following reason: "The question is answered, right answer was accepted" by rschoon Oct 27 '16, 2:40 a.m.
Accepted answer
Hi Toby, the short answer to your question is "No for Team Concert Express 1.0", but let me provide a bit more detail.
The Jazz platform has no notion of a special user type. However, users may be granted various permissions. There are two category of permissions:
* System permissions
* Process permissions
System permissions are very basic things like "can read from the repository" or "can write to the repository" or "can admin the repository" (e.g. create project areas and users).
Process permissions allow you to define rules like "only members of the Web UI team can deliver change-sets to streams owned by the Web UI team" or "only members on the Web UI team can assign a priority to work items owned by teh Web UI team". These rules are set by the team, not the Jazz Platform - the Jazz Platform provides the infrastructure for defining and executing these rules.
For Team Concert 1.0, our focus has been on process-enabling write operations (e.g. my two examples above) since these are the most critical from a security perspective. For 1.0 we do not plan on providing process-enablement for read operations (e.g. the ability to express a rule like "Only members of the Web UI team can accept change-sets from the Web UI stream").
I believe you'd need this sort of process-enablement of read operations to achieve the scenario below so I don't think it's possible with Team Concert 1.0. However, I will point out this thread to the Process, Source Control, and Work Item teams to see if they see any opportunities I'm missing.
--
Bill Higgins
Jazz Web UI Foundation Team
The Jazz platform has no notion of a special user type. However, users may be granted various permissions. There are two category of permissions:
* System permissions
* Process permissions
System permissions are very basic things like "can read from the repository" or "can write to the repository" or "can admin the repository" (e.g. create project areas and users).
Process permissions allow you to define rules like "only members of the Web UI team can deliver change-sets to streams owned by the Web UI team" or "only members on the Web UI team can assign a priority to work items owned by teh Web UI team". These rules are set by the team, not the Jazz Platform - the Jazz Platform provides the infrastructure for defining and executing these rules.
For Team Concert 1.0, our focus has been on process-enabling write operations (e.g. my two examples above) since these are the most critical from a security perspective. For 1.0 we do not plan on providing process-enablement for read operations (e.g. the ability to express a rule like "Only members of the Web UI team can accept change-sets from the Web UI stream").
I believe you'd need this sort of process-enablement of read operations to achieve the scenario below so I don't think it's possible with Team Concert 1.0. However, I will point out this thread to the Process, Source Control, and Work Item teams to see if they see any opportunities I'm missing.
--
Bill Higgins
Jazz Web UI Foundation Team
9 other answers
Hi Toby, with Team Concert 1.0, there is an ability to *suppress* pages from displaying in the UI, but this doesn't make them unavailable, it just makes them not show up in the UI.
To do this, you need to set the com.ibm.team.repository.web.suppressedPages configuration property using the Admin Web UI (Server -> Advanced -> under the "com.ibm.team.repository.service.internal.webuiInitializer.ConfigPropertyInitializer" section).
In this case you'd set it to the following:
{"com.ibm.team.process.web.projectArea": }
This is a JSON object where the key is the name of the web UI application and the value is an array of pages that should be suppressed from the UI (in this case just SCM).
Again I must stress that someone could still access the page, but it won't show up in the UI's header.
--
Bill Higgins
Jazz Web UI Foundation Team
To do this, you need to set the com.ibm.team.repository.web.suppressedPages configuration property using the Admin Web UI (Server -> Advanced -> under the "com.ibm.team.repository.service.internal.webuiInitializer.ConfigPropertyInitializer" section).
In this case you'd set it to the following:
{"com.ibm.team.process.web.projectArea": }
This is a JSON object where the key is the name of the web UI application and the value is an array of pages that should be suppressed from the UI (in this case just SCM).
Again I must stress that someone could still access the page, but it won't show up in the UI's header.
--
Bill Higgins
Jazz Web UI Foundation Team
Is it possible to hack the Web UI code to simply delete the class file
that is used to fetch the source (and therefore prevent any access by
anyone to the source). This is an ugly method but I would rather an
error appeared through deleted functionality than the source to be
viewable.
As long as the content service is accessible (which I believe must be)
there will be a way to get to the source.
- Dmitry
Hi Bill, the page suppression works fine but as you say, its still possible to get to the source.
Is it possible to hack the Web UI code to simply delete the class file that is used to fetch the source (and therefore prevent any access by anyone to the source). This is an ugly method but I would rather an error appeared through deleted functionality than the source to be viewable.
Is it possible to hack the Web UI code to simply delete the class file that is used to fetch the source (and therefore prevent any access by anyone to the source). This is an ugly method but I would rather an error appeared through deleted functionality than the source to be viewable.
You can just remove the "com.ibm.team.scm.web" bundle from the WAR (Can
be found in the jazz\WEB-INF\eclipse\plugins path). If you do this after
the war has been deployed make sure the temp directory for it is deleted
before restarting.
Richard
Jazz WebUI and Server Development
tobycorbin wrote:
be found in the jazz\WEB-INF\eclipse\plugins path). If you do this after
the war has been deployed make sure the temp directory for it is deleted
before restarting.
Richard
Jazz WebUI and Server Development
tobycorbin wrote:
Hi Bill, the page suppression works fine but as you say, its still
possible to get to the source.
Is it possible to hack the Web UI code to simply delete the class file
that is used to fetch the source (and therefore prevent any access by
anyone to the source). This is an ugly method but I would rather an
error appeared through deleted functionality than the source to be
viewable.
I am trying to use Jazz and Subversion, and ideally would like to see a subversion viewer (like polarion) under the source code TAB.
The polarion subversion viewer is provided as a war file that can be deployed under tomcat. How can I add that and not have the default source code browser ?
--krish
The polarion subversion viewer is provided as a war file that can be deployed under tomcat. How can I add that and not have the default source code browser ?
--krish
You can just remove the "com.ibm.team.scm.web" bundle from the WAR (Can
be found in the jazz\WEB-INF\eclipse\plugins path). If you do this after
the war has been deployed make sure the temp directory for it is deleted
before restarting.
Richard
Jazz WebUI and Server Development
tobycorbin wrote:
Hi Bill, the page suppression works fine but as you say, its still
possible to get to the source.
Is it possible to hack the Web UI code to simply delete the class file
that is used to fetch the source (and therefore prevent any access by
anyone to the source). This is an ugly method but I would rather an
error appeared through deleted functionality than the source to be
viewable.
Hi Toby, with Team Concert 1.0, there is an ability to *suppress* pages from displaying in the UI, but this doesn't make them unavailable, it just makes them not show up in the UI.
To do this, you need to set the com.ibm.team.repository.web.suppressedPages configuration property using the Admin Web UI (Server -> Advanced -> under the "com.ibm.team.repository.service.internal.webuiInitializer.ConfigPropertyInitializer" section).
In this case you'd set it to the following:
{"com.ibm.team.process.web.projectArea": }
This is a JSON object where the key is the name of the web UI application and the value is an array of pages that should be suppressed from the UI (in this case just SCM).
Again I must stress that someone could still access the page, but it won't show up in the UI's header.
--
Bill Higgins
Jazz Web UI Foundation Team
Hi all,
I'm using RTC 2.0M2 and I'm trying to suppress the 'Project Areas' tab but I can't.
There is no problem suppressing SCM tab or Builds tab but suppressing 'Project Areas' is not working.
I configured the suppressed pages advance property like this:
{"com.ibm.team.process.web.projectArea": [ "com.ibm.team.process.projectAreaList", "com.ibm.team.build", "com.ibm.team.scm"],"com.ibm.team.process.web.projectAreaList": [ "com.ibm.team.process.projectAreaList", "com.ibm.team.repository.web.projectAreaList"]}
I guess the page id is 'com.ibm.team.process.projectAreaList'
What is the problem??
Any one can help?
Thanks