Customizable Groups

From OpenI Wiki

[edit]

Requirements

  • Role should be managable. Any number of roles can be added
  • There should be application defined fixed role for backward compatibility. These are : 'APP_ADMINISTRATOR', 'PROJ_ADMINISTRATOR' and 'PROJ_USER'
[edit]

Implementation

  • User defined roles are configurable in Application.xml in its securityRoles property. Roles need to be specified as comma seperated list of string as follows: 
 <Application>
   ...........
   <securityRoles>DBA_ADMIN,ABC_ROLE</securityRoles>
 </Application>
  • There are three pre-defined existing roles. These are - APP_ADMINISTRATOR, PROJ_ADMINISTRATOR and PROJ_USER. Pre-defined roles can not be added as user defined role
  • Role are editable in manage application ui
  • Role's members are configurable as follows:
    • For pre-defined roles, members are assigned as follows - appAdmins in application.xml for APP_ADMINISTRATOT, projAdmins in prject.xml for PROJ_ADMINISTRATOR and projUsers in project.xml for PROJ_USER respectively
    • User defined role's members are project specific and user association is configurable in roleMembers property of project.xml. Key represents the role name defined in application.xml and value represents the comma seperated its members as follows: 
<project >
   .......
  <roleMembers>
   <entry>
     <string>DBA_ADMIN</string>
     <string>user1,user2</string>
   </entry>
   <entry>
     <string>ABC_ROLE</string>
     <string>user3,user4</string>
   </entry>
  </roleMembers>
</Project>
  • User defined role's members are configurable from manage project ui
[edit]

Role's Priviledge

See : Enhanced Security

Retrieved from "http://wiki.openi.org/index.php/Customizable_Groups"