Role-based or user-based access control mechanisms can be set for assets stored in WSO2 Governance Registry. Utilizing some of the out of the box constructs such as Resource Permissions and Standard Extension Points, granular access control schemes can be put in place to manage assets.
For example the following operations can be done on a per-user or per-role basis:
- Restrict the functions that can be performed on an asset (read more about Retention)
Enabling Asset-specific operations (read more about the Custom User Interface extension point)
The Custom UI Sample explains how to build a custom user interface for an asset.
- Controlling Access to sub-sets of Asset Data and Asset-specific features.
- Out of the box support for well known asset types such as Services, URI and API assets (read more about the readonly attribute for text fields)
- Ability to control availability of community features (comments, tags and ratings) associated with assets.
- Ability to restrict access to properties and metadata.
- Apart from some of these standard provisions, a typical user can use well defined extension points (read more about Handlers)
The Handler Sample explains how to create a Handler for a particular asset type.
Controlling Access to Asset Lifecycle (read more under the section on Lifecycle State)