This documentation is for WSO2 Data Services Server 3.2.1. View documentation for the latest release.

Unknown macro: {next_previous_link3}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

The Permissions panel shows the defined role permissions and allows you to add new permissions and edit existing ones. Using this page, you can define which role has access to perform what operations on a registry resource or a collection. For example,

Adding new role permissions

  1. In the New Role Permissions section, select a role. Also see User Management for information on creating new user roles.

    The wso2.anonymous.role is a special role that represents a user who is not logged into the management console. Granting Read access to this role means that you do not require authentication to access resources using the respective Permalinks .

    The everyone role is a special role that represents a user who is logged in to the management console. Granting Read access to this role means that any user who has logged into the management console with sufficient permissions to access the Resource Browser can read the respective resource. Granting Write or Delete access means that any user who is logged in to the management console with sufficient permissions to access the Resource Browser   can make changes to the respective resource.

  2. Select an action from the drop-down list. The following actions are available:

    • Read
    • Write
    • Authorize - A special permission that gives a role the ability to grant and revoke permissions to/from others
  3. Select whether to allow the action or deny and click Add Permission. For example

    Deny permissions have higher priority over Allow. That is, a Deny permission always overrides an Allow permission assigned to a role.

    Deny permission must be given at the collection level. For example, to deny the write/delete action on a given policy file, set Write/Delete actions for the role to Deny in /trunk/policies. If you set the Deny permission beyond the collection level (e.g., / or /_system etc.) it will not be applied for the user's role.

  4. The new permission appears in the list.

    From here, you can edit the permissions by selecting and clearing the check boxes. After editing the permissions, click Apply All Permissions to save the alterations.
  • No labels