Jazz Security and Project Areas
Once you have authorized a user to a jazz repository (read and write access), does that user now have full access to all of the project areas in the repository?
I've setup my Jazz server running under WebSphere and LDAP. I authorized a new user to the repository. I was very surprised to see that that new user could access any of the project areas, and even make themselves a team leader of any project area. Is this a limitation of the beta? (I'm using beta1 update 1) or have I set something up wrong? |
One answer
Jared Burns (4.5k●2●9)
| answered Aug 08 '07, 1:08 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
The fact that they can see the project area is a current limitation.
The fact that they can make themselves a team leader is configurable in process permissions. The process specification in the project area contains a section which looks like so: <static> <role id="default"> <static-operation id="com.ibm.team.process.server.saveProjectArea"> <permissions> <action id="any"/> </permissions> </static-operation> </role> </static> This particular configuration says that anyone can make any change to the project area. If you want to change this so that only team leads can modify the project area, for example, you would simply change the "default" to "teamlead". - Jared karasiuk wrote: Once you have authorized a user to a jazz repository (read and write |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.