Versions Compared

Old Version 4

changes.mady.by.user Former user

Saved on

compared with

New Version 5

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

A user role is a consolidation of several permissions. A permission is a delegation of authority or a right that is assigned to a user or a group of users to perform an action on a system. Permissions can be granted to or revoked from a user/user group/user role automatically or by a system administrator. For example, if a user has the permission to log in to sign into a systemssystem, then the permission to log sign out is automatically implied without the need of granting it specifically. Instead of associating permissions with a user, admins can associate permissions with a user role and assign the role to users. User roles can be reused throughout the system and prevents the overhead of granting multiple permissions to each and every user individually.

...

  • Internal/publisher -  This is a sample role that is meant to demonstrate the permissions required from a Publisher user. 
  • Internal/store - This is a sample role that is meant to demonstrate the permissions required from a Store user. 
  • Internal/reviewer - This is a sample role that is meant to demonstrate the permissions required from a Reviewer user. Every asset needs to be reviewed by a user in this role, before role before the asset is published into the Store.
  • private_{username} - users’ private role. Every user in the ES are is automatically associated with a role that is created by prefixing their username with private_ . Use this role to control per-user permissions.

  • Internal/everyone - This role, which is a system reserved role, is used to create system operations. 

    Info

    If you wish to prevent external operations being carried out by the Internal/everyone role, ensure to revoke operations from the  role.

...

User roleAllowed Actions
Internal/publisher
  • Login to the Publisher.
  • View the asset list.
  • Create and update assets.
  • View the lifecycle management page.
Internal/reviewer
  • Login to the Publisher.
  • View the asset list.
  • View the lifecycle management page.
  • Update the lifecycle state.
Internal/store
  • Login to the Store.
  • View the asset list.
  • View details of an asset.
  • Bookmark assets.
  • Add a review and rate assets.
private_{username} By default, only the login permission is assigned to this role. However, if there are permissions that need to be allowed to specific users, they can be assigned using this role. Ensure to replace the {username} with that specific user's username.
Note

If you create any custom roles that mimic the internal/publisher role, which is shipped with ES, you need to add the read/write access to the static part of the storage path defined in the RXTs.

Code Block
staticPath = Utils.governanceRooted(staticPath);

 

Info

The Add, Modify, and Remove role options are only visible to administrators with privileges.

...

  1. Sign into the WSO2 ES Management Console.
  2. On the Main menu, navigate to Users and Roles, and click List
  3. Click Roles
  4. Search for the role.
  5. To Rename the role:
    • Click Rename.
    • Enter the new name of the role.
    • Click Finish.
  6. To edit the permissions of the role:
    • Click the respective  Permissions  link.
    • Select/De-select on the permissions that you wish to add/remove.
    • Click Update.
    • A confirmation message appears. Click OK.
  7. To assign users to the role:
    • Click the respective  Assign Users  link.
    • Select on the users that you wish to assign to this role.
    • Click Update.
    • A confirmation message appears. Click OK.
    • Click Finish.

...