Role Permissions
The Permissions panel shows the defined role permissions and allows you to add new permissions and edit existing ones. Using this page, you can define which role has access to perform what operations on a registry resource or a collection. For example,
Adding new role permissions
In the New Role Permissions section, select a role. Also see User Management for information on creating new user roles.
The
wso2.anonymous.role
is a special role that represents a user who is not logged into the management console. GrantingRead
access to this role means that you do not require authentication to access resources using the respective Permalinks .The
everyone
role is a special role that represents a user who is logged in to the management console. GrantingRead
access to this role means that any user who has logged into the management console with sufficient permissions to access the Resource Browser can read the respective resource. GrantingWrite
orDelete
access means that any user who is logged in to the management console with sufficient permissions to access the Resource Browser  can make changes to the respective resource.Select an action from the drop-down list. The following actions are available:
- Read
- Write
- Authorize - A special permission that gives a role the ability to grant and revoke permissions to/from others
Select whether to allow the action or deny and click Add Permission. For example
Deny
permissions have higher priority overAllow.
That is, aDeny
permission always overrides anAllow
permission assigned to a role.
Deny
permission must be given at the collection level. For example, to deny the write/delete action on a given policy file, set Write/Delete actions for the role toDeny
in/trunk/policies
. If you set theDeny
permission beyond the collection level (e.g., / or /_system etc.) it will not be applied for the user's role.- The new permission appears in the list.
From here, you can edit the permissions by selecting and clearing the check boxes. After editing the permissions, click Apply All Permissions to save the alterations.