Assigning repository permissions
Use the Repository Manager Manage Permissions tab to manage permissions. Before getting started, review the permissions overview in Managing permissions.
Note
The tab uses the term "group." Group names this tab must align with your Remedy SSO role names or LDAP group names.
This documentation uses "role" to represent role/group in the authentication system.
This topic provides the following information:
Repository permissions overview
In the Repository Manager Manage Permissions tab you can
- Create groups.
- Assign group access for content management, creation, transfer, and access.
The repository permissions determine the actions available for users assigned to the corresponding roles/groups, such as:
- Import content using Grid Manager
- Upload and download content in Development Studio
- Upload content to the grid by using the content installation program
- Upload content to the grid by using Repository Manager
The first five entries in the Permissions-to-Groups column designate the repository permissions. The remaining entries designate the content, which includes adapters and modules. You can resize columns to more easily see long names that wrap in narrow columns.
Note
If a user is a member of more than one group, the user is granted the most permissive permissions. If a user is not assigned to any group, that user is automatically a member of the Default group and is granted the default permissions.
Default repository permissions
The following table describes the default permissions available in Repository Manager.
Repository permission | Permission | Description |
---|---|---|
Manage Permissions | View | Users assigned to the role can see the Manage Permissions tab. |
Update | Users assigned to the role can update role permissions. | |
Manage Content | View | Users assigned to the role can see the Manage Content tab. |
Update | Users assigned to the role can upload, download, and delete content and content versions to and from the repository. | |
Transfer Content | View | Users assigned to the role can see the Transfer Content tab. You can view content in the other repository only if you have access permissions to that repository. The permissions that you have for your current repository apply only to your current repository and do not grant access to the other repository. |
Update | Users assigned to the role can connect to another repository and transfer content between repositories. You can update content in the other repository only if you have access permissions to that repository. The permissions that you have for your current repository apply only to your current repository and do not grant access to the other repository. | |
Create New Content | Update | Users assigned to the role can upload new content from Development Studio into the repository. |
Access New Content | View | Users assigned to the role can view all content added to the repository in the future. |
Update | Users assigned to the role can update all content added to the repository in the future. |
The following table provides examples of how permission assignments control repository and content access.
Permission assignments | Access |
---|---|
View and Update permission for all repository permissions (full access) |
|
No View, no Update permissions for Manage Content |
|
View permission (not Update permission) for Manage Content |
|
View and Update permission for Access New Content No Update permission for Create New Content |
|
View permission (not Update permission) for Transfer Content |
|
View permission (not Update permission) for Manage Permissions |
|
To create a group
Each group that you create must have a matching role (in Remedy SSO) or matching group (in LDAP) of the same name.
- In the Repository Manager application, select the Manage Permissions tab.
Click Add Group, and then enter a unique name for the group.
Note
The group name must be unique within .
- Click Save.
The specified group name appears as a new column.
To add repository and content permissions to a group or edit them
In the Manage Permissions tab, select the group name.
You cannot edit the AoAdmin group.- On the Update Group permissions page, perform any of the following actions:
- To assign all view permissions to a group, select the check box in the View column header.
- To assign all update permissions to a group, select the check box in the Update column header.
If you select Update, then View is also selected and is disabled. To edit the view permissions, you must clear the Update permissions. - To assign individual view and update permissions to a group, select the corresponding check box in the View and Update columns.
If you select Update, then View is also selected and is disabled. To edit the view permission, you must clear the Update permission. - To remove all view permissions to a group, clear the check box in the View column header.
- To remove all update permissions to a group, clear the check box in the Update column header.
- To remove a permission from a group, clear the corresponding check box.
- Click Save to save the permission assignments.
Tips
Click the Reset button to undo your changes.
To copy permissions from one group to another
- In the Manage Permissions tab, click Copy Group.
- In Copy From Existing Group, select the group from which you want to copy permissions, and then in Copy To Group Name enter the group name (an existing group or a new group) where you want the permissions to be copied.
You cannot copy any group to the AoAdmin group; in other words, you cannot overwrite the AoAdmin group. Click Save.
- If you are copying permissions to an existing group, the Copy Group Permissions prompt asks for confirmation to overwrite the existing values for a group. Click Yes to overwrite the existing permissions.
To delete a group
- From the Manage Permissions tab, click the name of the group that you want to delete.
You cannot delete the AoAdmin group. - Click Delete and confirm.
Related topics
Creating and managing local users and roles in Remedy Single Sign-On
Comments
Log in or register to comment.