Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Fixed links

Application visibility allows

...

you to prevent users with certain roles from viewing a

...

web application in the App Store.

...

 When creating a web application using the App

...

Publisher, you can make the app

...

visible

...

to the public, or restrict its visibility to a particular role(s)

...

.

Table of Contents
maxLevel3

...

Web applications with public visibility

Web apps with public visibility, which

...

are created by a user of a specific tenant domain

...

, are visible to all users (subscribers

...

and anonymous users)

...

 of that domain. Do not select

...

the Restrict Visibility field if you need to enable public visibility.

Web applications with visibility restricted by roles

Web applications with a visibility restricted to specific roles are visible only to users assigned to that particular role. Specify the user roles that need to have access to the Web web application in the Restrict Visibility fieldRestrict Visibility field.

Info

  • Roles that have Web web application creation and publication permissions can see all applications in their tenant App Store, even if you restrict access to those roles. This is because , any role that has Web web application creation and publication permissions can view and edit all Web web applications in the App Publisher.

  • If you restrict the visibility of a Web web app to a default internal/subscriber role, any user who registers to the App Store is able to access the Web web application. This is because, WSO2 App Manager assigns the internal/subscriber role to all users who register to the App Store.

In WSO2 App Manager, visibility levels work for users in different tenant modes as follows.

Visibility in super tenant domain

Application subscribers in of the default super tenant domain can see applications depending on its visibility level as follows.

  • Anonymous users

    :

    can view all applications with public visibility.

  • Signed-in users : can view all applications with public visibility, as well as applications that are restricted to a role , which is assigned to the signed-up in user.

Visibility in multi-tenant mode

A tenant's App Store is the App Store , which is specific to the tenant domain of the user. Therefore, in multi-tenant mode, a subscriber can view applications based on their visibility levels, as well as the App Store the user is viewing. Any subscriber can view applications of its tenant App Store depending on its visibility level as follows:

  • Anonymous

    users: can

    users can view apps that have public visibility

    ,

    and are created within the current user's tenant domain.

  • Signed-in users

    :

    can

    view apps

    view apps that have public visibility

    ,

    and

    are

    apps created within the current users tenant

    domain, and also applications created within the current user's tenant domain, which

    domain that are allowed to be accessed by the current user role.

Controlling visibility of a new user role

Follow the steps below

...

to configure

...

web application visibility.

  1. Log in to
    2. management console
  2. the Management Console ( https://localhost:9443/carbon )
    3. ,
  3. and create a user role named roleA with the permissions given below
    4. permissions
  4. . For information on user roles,
    5. see
  5. see Configuring Users and Roles.
    Image Modified
  6. Create a role
    7. named roleB
  7. named roleB with the same permissions as specified above.
  8. Create a user
    9. named userA
  9. named userA and assign roleA to the user.
  10. Create a user
    11. named userB and assign roleB to
  11. named userB and assign roleB to the user.

  12. Create

    13. a Web

  13. web application.

    14. Since we are going to

  14. To restrict

    15. the

  15. visibility of this

    16. Web

  16. web app to roleA,

    17. enter

  17.  enter roleA

    18. as

  18.  as the value

    19. of Restrict Visibility field,

  19. in the Restrict Visibility field when creating the

    20. Web

  20. app.

    21. For instructions on creating a Web app, see Creating Web Applications.
  21. Publish the Web application. For instructions on publishing a Web app, see Publishing Web Applications.
    22. Access

  22. Note

    In order to create a web app, log in with a user that has the following permissions:

    • All Permissions > Admin Permissions > Configure > Governance and all underlying permissions
    • All Permissions > Admin Permissions > Login
    • All Permissions > Admin Permissions > Manage > API > Create  
    • All Permissions > Admin Permissions > Manage > Resources > Govern and all underlying permissions  
  23. Publish the web application.
  24. Access the App Store as an anonymous user. You
    25. will not view the
  25. are unable to see the newly created application in the App Store.
    26. Log
  26. Now log in to the App Store as userA. You are now able to
    27. view
  27. see the
    28. Web
  28. newly created application.
  29. Log in to the App Store as userB or any other user who is not
    30. assigned with roleA
  30. assigned roleA. You
    31. will not be able to view the Web application since it is restricted only
  31. are unable to see the application as visibility is restricted to roleA.