This documentation is for WSO2 Governance Registry 5.3.0. View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

User roles must be granted with permissions in order to access and do operations on every Governance Registry feature. Following are the combinations of permissions required to access Governance Registry features and do relevant operations. Permissions can be granted to a user role while its being created. 

Extensions 

  1. Add 
    1. All Permission>Admin Permissions>Manage>Extensions>List
  2. List 
    1. All Permission>Admin Permissions>Manage>Extensions>Add
  3. Life Cycles 
    1. All Permission>Admin Permissions>Configure>Governance>Lifecycles
  4. Handler 
    1. All Permission>Admin Permissions>Configure>Repository>Handlers
    2. All Permission>Admin Permissions>Manage>Resources>Browse
  5. Artifact Types
    1. All Permission>Admin Permissions>Configure>Governance>Manage RXT
    2. All Permission>Admin Permissions>Manage>Resources>Browse
    3. All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>Add
    4. All Permission>Admin Permissions>Manage>Resources>Search>Advanced
    5. All Permission>Admin Permissions>Manage>Resources>WS-API

Main>Resources

  1. Browse 
    1. All Permission>Admin Permissions>Manage>Resources>Browse
Info

You might need provide additional permissions to the logged in User Role in order to perform WRITE and DELETE operations on resources and collections. See Managing Role Permissions.

  1. Activity search 
    1. All Permission>Admin Permissions>Manage>Search>Activities
  2. Search 
    1. All Permission>Admin Permissions>Manage>Search>Advanced
  3. Reports 
    1. All Permission>Admin Permissions>Manage>Resources>WS-API
    2. All Permission>Admin Permissions>Manage>Resources>Browse

Main>Metadata

In order to Add any artifact the following permissions must be given:

    1. All Permission>Admin Permissions>Manage>Resources>Govern>Metadata
    2. All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>Add
    3.  All Permission>Admin Permissions>Manage>Resources>WS-API
    4. All Permission>Admin Permissions>Manage>Resources>Browse

In addition, the following specific permissions must be given for each artifact:

  1. Add Endpoint
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Endpoints>Add
  2. Add Note
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Notes>Add
  3. Add Policy
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Policies>Add
  4. Add REST Service
    1. All Permission>Admin Permissions>Manage>Resources>REST Services>Add
  5. Add Schema 
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>Add
  6. Add Server
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Servers>Add
  7. Add Service
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Services>Add
  8. Add SOAP Service
    1. All Permission>Admin Permissions>Manage>Resources>Govern>SOAP Services>Add
  9. Add Swagger
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Swaggers>Add
  10. Add URI 
    1. All Permission>Admin Permissions>Manage>Resources>Govern>URIs>Add
  11. Add WADL
    1. All Permission>Admin Permissions>Manage>Resources>Govern>WADLs>Add
  12. Add WSDL   
    1. All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>Add 

In order to List any artifact, the following permissions must be given

    1. All Permission>Admin Permissions>Manage>Resources>Govern>Metadata
    2. All Permission>Admin Permissions>Manage>Resources>Govern>Generic Artifacts>List
    3. All Permission>Admin Permissions>Manage>Resources>WS-API

In addition, the following specific permissions must be given for each artifact:

  1. List Endpoint
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Endpoints>List
  2. List Note
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Notes>List
  3. List Policy
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Policies>List
  4. List REST Service
    1. All Permission>Admin Permissions>Manage>Resources>REST Services>List
  5. List Schema 
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Schemas>List
  6. List Server
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Servers>List
  7. List Service
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Services>List
  8. List SOAP Service
    1. All Permission>Admin Permissions>Manage>Resources>Govern>SOAP Services>List
  9. List Swagger
    1. All Permission>Admin Permissions>Manage>Resources>Govern>Swaggers>List
  10. List URI 
    1. All Permission>Admin Permissions>Manage>Resources>Govern>URIs>List
  11. List WADL
    1. All Permission>Admin Permissions>Manage>Resources>Govern>WADLs>List
  12. List WSDL   
    1. All Permission>Admin Permissions>Manage>Resources>Govern>WSDLs>List
Info

You might want to have a look at the default permission mappings in repository/conf/permission-mappings.xml if you are interested in more granular resource access permissions. See Configuring Registry Files.

 Main>Configure

  1. Notifications 
    1. All Permission>Admin Permissions>Manage>Resources>Browse
    2. All Permission>Admin Permissions>Manage>Resources>Notifications
    3. All Permission>Admin Permissions>Manage>Resources>Community Features 

Associations and Dependencies 

  1. Add Association and Add Dependencies
    1. All Permission>Admin Permissions>Manage>Resources>Associations.
    2. And the particular resource should have WRITE permission provided for the logged in User role. 

Life Cycles

  1. Life Cycles
    1. All Permission>Admin Permissions>Manage>Resources>Community Features
    2. All Permission>Admin Permissions>Manage>Resources>Govern>Lifecycles
    3. All Permission>Admin Permissions>Manage>Resources>Browse
  2.  In order to perform a life cycle operation (Promoted/Demote) on a resource the user should have READ/WRITE permissions to the target environment. 

Community Features 

  1. Add Tags, Add Comments, Add Subscriptions, Add Ratings
    1.  All Permission>Admin Permissions>Manage>Resources>Community Features
Excerpt
hiddentrue

Information about role-based access control