User roles must be granted with permissions in order to access and do operations on every Governance Registry feature. Following are the combinations of permissions required to access Governance Registry features and do relevant operations. Permissions can be granted to a user role while its being created.
Extensions
- Add
- All Permission>Admin Permissions>Manage>Extensions>List
- All Permission>Admin Permissions>Manage>Extensions>List
- List
- All Permission>Admin Permissions>Manage>Extensions>Add
- All Permission>Admin Permissions>Manage>Extensions>Add
- Life Cycles
- All Permission>Admin Permissions>Configure>Governance>Lifecycles
- All Permission>Admin Permissions>Configure>Governance>Lifecycles
- Handler
- All Permission>Admin Permissions>Configure>Repository>Handlers
- All Permission>Admin Permissions>Manage>Resources>Browse
- Artifact Types
- All Permission>Admin Permissions>Configure>Governance>Manage RXT
- All Permission>Admin Permissions>Manage>Resources>Browse
- All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>Add
- All Permission>Admin Permissions>Manage>Resources>Search>Advanced
Main>Resources
- Browse
- All Permission>Admin Permissions>Manage>Resources>Browse
You might need provide additional permissions to the logged in User Role in order to perform WRITE and DELETE operations on resources and collections. See Managing Role Permissions.
- Activity search
- All Permission>Admin Permissions>Manage>Search>Activities
- All Permission>Admin Permissions>Manage>Search>Activities
- Search
- All Permission>Admin Permissions>Manage>Search>Advanced
- All Permission>Admin Permissions>Manage>Search>Advanced
- Reports
- All Permission>Admin Permissions>Manage>Resources>WS-API
- All Permission>Admin Permissions>Manage>Resources>Browse
Main>Metadata
In order to Add any artifact the following permissions must be given:
- All Permission>Admin Permissions>Manage>Resources>Govern>Metadatta
- All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>Add
- All Permission>Admin Permissions>Manage>Resources>WS-API
- All Permission>Admin Permissions>Manage>Resources>Browse
In addition, the following specific permissions must be given for each artifact:
- Add API
- All Permission>Admin Permissions>Manage>Resources>Govern>APIs>Add
- Add Document
- All Permission>Admin Permissions>Manage>Resources>Govern>Documents>Add
- Add Endpoint
- All Permission>Admin Permissions>Manage>Resources>Govern>Endpoints>Add
- Add Policy
- All Permission>Admin Permissions>Manage>Resources>Govern>Policies>Add
- Add Provider
- All Permission>Admin Permissions>Manage>Resources>Govern>Providers>Add
- Add Proxy
- All Permission>Admin Permissions>Manage>Resources>Govern>Proxies>Add
- Add Schema
- All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>Add
- Add Service
- All Permission>Admin Permissions>Manage>Resources>Govern>Services>Add
- Add URI
- All Permission>Admin Permissions>Manage>Resources>Govern>URIs>Add
- Add WADL
- All Permission>Admin Permissions>Manage>Resources>Govern>WADLs>Add
- Add WSDL
- All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>Add
In order to List any artifact, the following permissions must be given
- All Permission>Admin Permissions>Manage>Resources>Govern>Metadata
- All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>List
- All Permission>Admin Permissions>Manage>Resources>WS-API
In addition, the following specific permissions must be given for each artifact:
- List API
- All Permission>Admin Permissions>Manage>Resources>Govern>APIs>List
- List Document
- All Permission>Admin Permissions>Manage>Resources>Govern>Documents>List
- List Endpoint
- All Permission>Admin Permissions>Manage>Resources>Govern>Endpoints>List
- List Policy
- All Permission>Admin Permissions>Manage>Resources>Govern>Policies>List
- List Provider
- All Permission>Admin Permissions>Manage>Resources>Govern>Providers>List
- List Proxy
- All Permission>Admin Permissions>Manage>Resources>Govern>Proxies>List
- List Schema
- All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>List
- List Service
- All Permission>Admin Permissions>Manage>Resources>Govern>Services>List
- List URI
- All Permission>Admin Permissions>Manage>Resources>Govern>URIs>List
- List WADL
- All Permission>Admin Permissions>Manage>Resources>Govern>WADLs>List
- List WSDL
- All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>List
You might want to have a look at the default permission mappings in repository/conf/permission-mappings.xml
if you are interested in more granular resource access permissions. See Configuring Registry Files.
Main>Configure
- Notifications
- All Permission>Admin Permissions>Manage>Resources>Browse
- All Permission>Admin Permissions>Manage>Resources>Notifications
- All Permission>Admin Permissions>Manage>Resources>Community Features
Associations and Dependencies
- Add Association and Add Dependencies
- All Permission>Admin Permissions>Manage>Resources>Associations.
- And the particular resource should have WRITE permission provided for the logged in User role.
Life Cycles
- Life Cycles
- All Permission>Admin Permissions>Manage>Resources>Community Features
- All Permission>Admin Permissions>Manage>Resources>Govern>Lifecycles
- All Permission>Admin Permissions>Manage>Resources>Browse
- In order to perform a life cycle operation (Promoted/Demote) on a resource the user should have READ/WRITE permissions to the target environment.
Community Features
- Add Tags, Add Comments, Add Subscriptions, Add Ratings
- All Permission>Admin Permissions>Manage>Resources>Community Features