This documentation is for WSO2 App Factory 2.0.0. View documentation for the latest release.
Skip to end of metadata
Go to start of metadata

Introduction

Platform roles are user roles applicable to the entire system, rather than a selected application. WSO2 App Factory comes by default with a set of commonly-used system roles. They are 

  • App Factory Users
  • Admin
  • CEO

 In addition to these, you can also define your own roles and set permissions to them using the <PlatformRoles> element in <AF_HOME>/repository/conf/appfactory/appfactory.xml file.

The default roles are defined within <DefaultUserRole name=""> elements under the <PlatformRoles> element while the newly-added ones are defined within <Role name=""> elements. For example, the appFactoryUsers role is a default role assigned to all the users created in App Factory.

Sample configuration

Following sample code adds a new role by the name admin to App Factory:

<PlatformRoles>
	<DefaultUserRole name="appFactoryUsers">
		<Permission>
			 /permission/admin/appfactory/application/create,
             /permission/admin/login,
             /permission/admin/manage/api/subscribe,
             /permission/admin/manage/api/create,
             /permission/admin/manage/api/publish,
             /permission/admin/configure/governance,
             /permission/admin/manage/resources
		</Permission>
	</DefaultUserRole>
	<Role name="admin">
		<Permission>
			CreateApplication/CreateApplication:invoke-service,
			/permission/admin/appfactory/ceo/dashboard
		</Permission>
	</Role>
	<Role>
	.
	.
	</Role>
</PlatformRoles>

The elements of the sample configuration are explained below. You can use this information to edit the file according to your requirements.

XML elements of the sample code

Element NameDescriptionTypeDefault ValueFixed ValuesMandatory/Optional
<PlatformRoles>
Define set of platform roles.    

<DefaultUserRole name="">

Default platform role name. This tag defined set of entitlements which is assigned to all user created by App Factory.

String   

<Permission>

Set of entitlements allowed for mentioned role. Each entitlements are separated by comma.

String   
<Role>Role tag is used to define other set of super admin roles.String   
  • No labels