Unknown macro: {next_previous_links}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

The Permissions panel shows the defined role permissions, and allows to add new role permissions and edit existing ones.

Adding new role permissions

1. In the New Role Permission panel, select a role to set a permission.

Note

The wso2.anonymous.role is a special role that represents a user that has not logged into the WSO2 Governance Registry Management Console. Granting Read access to resources for this role would mean that you do not require authentication to access resources using the respective Permalinks. The everyone role is a special role that represents a user that has logged into the WSO2 Governance Registry Management Console. Granting Read access to a resource would mean that any user who has logged into the Management Console with sufficient permissions to access the Resource Browser can read the respective resource. Granting Write or Delete access to a resource would mean that any user who has logged into the Management Console with sufficient permissions to access the Resource Browser  can make changes to the respective resource.

2. Select an action from the drop-down menu. The following actions are available:

  • Read
  • Write
  • Delete
  • Authorize

Note

Authorize is a special permission that gives a role the ability to grant and revoke permissions.

3. Select whether to allow or deny the action for the selected role.

Note

Denied permissions have higher priority over allowed permissions. Essentially, this means that a denied permission always overrides an allowed permission assigned to a role. Denied permissions must be set at the collection level. For example, if you want to deny the write/delete action on a given policy file, you should set the permission for Write/Delete to Deny for the role at the /trunk/policies level. If you set the permission to Deny beyond the collection level (e.g.: / or /_system…etc), it will not be applied to the user role.

4. Click Add Permission.

5. The new permission appears in the Defined Role Permissions list.

Editing role permissions

1. Existing permissions can be changed by selecting and clearing the check boxes for the required permissions in the Defined Role Permissions list.

2. After editing the permissions, click Apply All Permissions to save the alterations.

  • No labels