This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Roles
User roles must be granted with permissions in order to access and do operations on every Governance Registry feature. Following are the combinations of permissions required to access Governance Registry features and do relevant operations. Permissions can be granted to a user role while its being created.
Extensions
- Add
- All Permission>Admin Permissions>Manage>Extensions>List
- All Permission>Admin Permissions>Manage>Extensions>List
- List
- All Permission>Admin Permissions>Manage>Extensions>Add
- All Permission>Admin Permissions>Manage>Extensions>Add
- Life Cycles
- All Permission>Admin Permissions>Configure>Governance>Lifecycles
- All Permission>Admin Permissions>Configure>Governance>Lifecycles
- Handler
- All Permission>Admin Permissions>Configure>Repository>handlers
- All Permission>Admin Permissions>Manage>Resources>Browse
Main>Resources
- Browse
- All Permission>Admin Permissions>Manage>Resources>Browse
- All Permission>Admin Permissions>Manage>Resources>Browse
- Activity search
- All Permission>Admin Permissions>Manage>Search>Activities
- All Permission>Admin Permissions>Manage>Search>Activities
- Search
- All Permission>Admin Permissions>Manage>Search>Advanced
- All Permission>Admin Permissions>Manage>Search>Advanced
- Reports
- All Permission>Admin Permissions>Manage>Resources>WS-API
- All Permission>Admin Permissions>Manage>Resources>Browse
Main>Metadata
In order to Add any artifact the following permissions must be given:
- All Permission>Admin Permissions>Manage>Resources>Govern>Metadatta
- All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>Add
- All Permission>Admin Permissions>Manage>Resources>WS-API
- All Permission>Admin Permissions>Manage>Resources>Browse
In addition, the following specific permissions must be given for each artifact:
- Add API
- All Permission>Admin Permissions>Manage>Resources>Govern>APIs>Add
- All Permission>Admin Permissions>Manage>Resources>Govern>APIs>Add
- Add Policy
- All Permission>Admin Permissions>Manage>Resources>Govern>Policies>Add
- All Permission>Admin Permissions>Manage>Resources>Govern>Policies>Add
- Add Schema
- All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>Add
- Add Service
- All Permission>Admin Permissions>Manage>Resources>Govern>Services>Add
- All Permission>Admin Permissions>Manage>Resources>Govern>Services>Add
- Add URI
- All Permission>Admin Permissions>Manage>Resources>Govern>URIs>Add
- All Permission>Admin Permissions>Manage>Resources>Govern>URIs>Add
- Add WSDL
- All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>Add
- All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>Add
In order to List any artifact, the following permissions must be given
- All Permission>Admin Permissions>Manage>Resources>Govern>Metadata
- All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>List
- All Permission>Admin Permissions>Manage>Resources>WS-API
In addition, the following specific permissions must be given for each artifact:
- List API
- All Permission>Admin Permissions>Manage>Resources>Govern>APIs>List
- All Permission>Admin Permissions>Manage>Resources>Govern>APIs>List
- List Policy
- All Permission>Admin Permissions>Manage>Resources>Govern>Policies>List
- All Permission>Admin Permissions>Manage>Resources>Govern>Policies>List
- List Schema
- All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>List
- All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>List
- List Service
- All Permission>Admin Permissions>Manage>Resources>Govern>Services>List
- All Permission>Admin Permissions>Manage>Resources>Govern>Services>List
- List URI
- All Permission>Admin Permissions>Manage>Resources>Govern>URIs>List
- All Permission>Admin Permissions>Manage>Resources>Govern>URIs>List
- List WSDL
- All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>List
You might want to have a look at the default permission mappings in repository/conf/permission-mappings.xml
if you are interested in more granular resource access permissions.
Main>Configure
- Notifications
- All Permission>Admin Permissions>Manage>Resources>Browse
- All Permission>Admin Permissions>Manage>Resources>Notifications
- All Permission>Admin Permissions>Manage>Resources>Community Features
Associations and Dependencies
- Add Association and Add Dependencies
- All Permission>Admin Permissions>Manage>Resources>Associations.
- And the particular resource should have WRITE permission provided for the logged in User role.
Life Cycles
- Life Cycles
- All Permission>Admin Permissions>Manage>Resources>Community Features
- All Permission>Admin Permissions>Manage>Resources>Govern>Lifecycles
- All Permission>Admin Permissions>Manage>Resources>Browse
- In order to perform a life cycle operation (Promoted/Demote) on a resource the user should have READ/WRITE permissions to the target environment.
Community Features
- Add Tags, Add Comments, Add Subscriptions, Add Ratings
- All Permission>Admin Permissions>Manage>Resources>Community Features