It's all about the answers!

Ask a question

Jazz Security and Project Areas


Gary Karasiuk (3183) | asked Aug 08 '07, 12:39 p.m.
Once you have authorized a user to a jazz repository (read and write access), does that user now have full access to all of the project areas in the repository?

I've setup my Jazz server running under WebSphere and LDAP. I authorized a new user to the repository. I was very surprised to see that that new user could access any of the project areas, and even make themselves a team leader of any project area. Is this a limitation of the beta? (I'm using beta1 update 1) or have I set something up wrong?

One answer



permanent link
Jared Burns (4.5k29) | answered Aug 08 '07, 1:08 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
The fact that they can see the project area is a current limitation.

The fact that they can make themselves a team leader is configurable in
process permissions. The process specification in the project area
contains a section which looks like so:

<static>
<role id="default">
<static-operation id="com.ibm.team.process.server.saveProjectArea">
<permissions>
<action id="any"/>
</permissions>
</static-operation>
</role>
</static>

This particular configuration says that anyone can make any change to
the project area. If you want to change this so that only team leads can
modify the project area, for example, you would simply change the
"default" to "teamlead".

- Jared


karasiuk wrote:
Once you have authorized a user to a jazz repository (read and write
access), does that user now have full access to all of the project
areas in the repository?

I've setup my Jazz server running under WebSphere and LDAP. I
authorized a new user to the repository. I was very surprised to see
that that new user could access any of the project areas, and even
make themselves a team leader of any project area. Is this a
limitation of the beta? (I'm using beta1 update 1) or have I set
something up wrong?

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.