bildwelt
E2E FORUM
E2E Bridge E2E Commerce

Reply To: E2E Console Groups

E2E Forum General Discussion E2E Console Groups Reply To: E2E Console Groups

#707

Alfred
Moderator

Hello Björn,

I understand your idea like that. You want to have different roles. One role should be able to deploy and delete composite services and assign role membership. The other role is not allowed to deploy and delete composites, but it should be able to stop, start, kill and export service-configurations. Is this what you want to have?

The E2E Console has a fixed set of three different roles ADMIN, MODELER and USER. Each E2E Console user is member of one group and the user gets his role from the group.

The roles have these http://docu.e2ebridge.com/Summary+of+User+Access+Rights rights. The configuration of the rights is stored in the file e2e_bridge_data/domain/roles.xml . If you edit this file with an editor you can change the rights. It is a XML file. After a E2E Console update you have to reapply your modifications.

You could for example remove for all modelers the permission to deploy new services, redeploy services or delete services if you delete or uncomment the following lines inside this element <role roleid=”MODELER” description=”Modelers”>

<permission name=”deploy/create”                   type=”ALL” />
<permission name=”deploy/replace”                  type=”GROUP” />
<permission name=”bridgeserver/delete_instance”    type=”GROUP” />

After you saved the file roles.xml the permissions are immediately changed.

This is the changed roles.xml

<?xml version=”1.0″ encoding=”utf-8″?>
<roles version=”$Revision: 1.2 $” xmlns=”http://e2e.ch/Console” sequence=”2″>
<role roleid=”ADMIN” description=”Administrators”>
<!– common –>
<permission name=”common/welcome” type=”ALL” />
<permission name=”common/logout” type=”ALL” />
<permission name=”common/domain” type=”ALL” />
<permission name=”common/nodes” type=”ALL” />
<!– administration (users) –>
<permission name=”domain/users” type=”ALL” />
<permission name=”domain/user_create” type=”ALL” />
<permission name=”domain/user_modify” type=”ALL” />
<permission name=”domain/user_modify_name” type=”ALL” />
<permission name=”domain/user_modify_group” type=”ALL” />
<permission name=”domain/user_modify_active” type=”ALL” />
<permission name=”domain/user_modify_passwd” type=”ALL” />
<permission name=”domain/user_delete” type=”ALL” />
<!– administration (groups) –>
<permission name=”domain/groups” type=”ALL” />
<permission name=”domain/group_create” type=”ALL” />
<permission name=”domain/group_modify” type=”ALL” />
<permission name=”domain/group_modify_name” type=”ALL” />
<permission name=”domain/group_modify_role” type=”ALL” />
<permission name=”domain/group_delete” type=”ALL” />
<!– administration (nodes) –>
<permission name=”domain/nodes” type=”ALL” />
<permission name=”domain/node_import” type=”ALL” />
<permission name=”domain/node_remove” type=”ALL” />
<permission name=”domain/node_convert” type=”ALL” />
<!– administration (deploy) –>
<permission name=”deploy/create” type=”ALL” />
<permission name=”deploy/replace” type=”ALL” />
<!– nodes (console manager) –>
<permission name=”console/prefs” type=”ALL” />
<permission name=”console/prefs_modify” type=”ALL” />
<permission name=”console/prefs_modify_logging” type=”ALL” />
<permission name=”console/prefs_modify_trace” type=”ALL” />
<permission name=”console/prefs_modify_display_name” type=”ALL” />
<permission name=”console/prefs_modify_monitoring_url” type=”ALL” />
<permission name=”console/logging” type=”ALL” />
<permission name=”console/firmware” type=”ALL” />
<permission name=”console/firmware_modify” type=”ALL” />
<!– nodes (system manager) –>
<permission name=”system/network” type=”ALL” />
<!– nodes (proxy server) –>
<permission name=”proxyserver/prefs” type=”ALL” />
<permission name=”proxyserver/prefs_modify” type=”ALL” />
<permission name=”proxyserver/prefs_modify_admin” type=”ALL” />
<permission name=”proxyserver/logging” type=”ALL” />
<permission name=”proxyserver/start” type=”ALL” />
<permission name=”proxyserver/stop” type=”ALL” />
<!– nodes (proxy instances) –>
<permission name=”proxynode/entries” type=”ALL” />
<permission name=”proxynode/certs” type=”ALL” />
<permission name=”proxynode/certs_modify” type=”ALL” />
<permission name=”proxynode/delete” type=”ALL” />
<permission name=”proxynode/create” type=”ALL” />
<permission name=”proxynode/settings” type=”ALL” />
<permission name=”proxynode/settings_modify” type=”ALL” />
<!– nodes (bridge server) –>
<permission name=”bridgeserver/instances” type=”ALL” />
<permission name=”bridgeserver/plugins” type=”ALL” />
<permission name=”bridgeserver/plugins_modify” type=”ALL” />
<permission name=”bridgeserver/licensing” type=”ALL” />
<permission name=”bridgeserver/licensing_modify” type=”ALL” />
<permission name=”bridgeserver/start_instances” type=”ALL” />
<permission name=”bridgeserver/stop_instances” type=”ALL” />
<permission name=”bridgeserver/delete_instance” type=”ALL” />
<permission name=”bridgeserver/resource” type=”ALL” />
<permission name=”bridgeserver/resource_modify” type=”ALL” />
<permission name=”bridgeserver/java” type=”ALL” />
<permission name=”bridgeserver/java_modify” type=”ALL” />
<permission name=”bridgeserver/xslt” type=”ALL” />
<permission name=”bridgeserver/xslt_modify” type=”ALL” />
<permission name=”bridgeserver/statistic” type=”ALL” />
<permission name=”bridgeserver/statistic_modify” type=”ALL” />
<!– nodes (bridge instances) –>
<permission name=”bridgeinst/history” type=”ALL” />
<permission name=”bridgeinst/logging” type=”ALL” />
<permission name=”bridgeinst/prefs” type=”ALL” />
<permission name=”bridgeinst/prefs_modify” type=”ALL” />
<permission name=”bridgeinst/prefs_modify_startup” type=”ALL” />
<permission name=”bridgeinst/prefs_modify_automatic_restart” type=”ALL” />
<permission name=”bridgeinst/prefs_modify_owner” type=”ALL” />
<permission name=”bridgeinst/prefs_modify_logging” type=”ALL” />
<permission name=”bridgeinst/prefs_modify_transaction_logging” type=”ALL” />
<permission name=”bridgeinst/status” type=”ALL” />
<permission name=”bridgeinst/start” type=”ALL” />
<permission name=”bridgeinst/stop” type=”ALL” />
<permission name=”bridgeinst/templates” type=”ALL” />
<permission name=”bridgeinst/templates_modify” type=”ALL” />
<permission name=”bridgeinst/kill” type=”ALL” />
<permission name=”bridgeinst/export” type=”ALL” />
<permission name=”bridgeinst/dump” type=”ALL” />
<permission name=”bridgeinst/dump_modify” type=”ALL” />
<permission name=”bridgeinst/state_classes” type=”ALL” />
<permission name=”bridgeinst/state_objectes” type=”ALL” />
<permission name=”bridgeinst/state_object” type=”ALL” />
<permission name=”bridgeinst/state_events” type=”ALL” />
<permission name=”bridgeinst/state_classes_modify” type=”ALL” />
<permission name=”bridgeinst/state_objectes_modify” type=”ALL” />
<permission name=”bridgeinst/state_object_modify” type=”ALL” />
<permission name=”bridgeinst/state_events_modify” type=”ALL” />
<permission name=”bridgeinst/state_delete” type=”ALL” />
</role>
<role roleid=”MODELER” description=”Modelers”>
<!– common –>
<permission name=”common/welcome” type=”ALL” />
<permission name=”common/logout” type=”ALL” />
<permission name=”common/domain” type=”ALL” />
<permission name=”common/nodes” type=”ALL” />
<!– administration (users) –>
<permission name=”domain/users” type=”ALL” />
<permission name=”domain/user_modify” type=”OWNER” />
<permission name=”domain/user_modify_passwd” type=”OWNER” />
<!– administration (deploy) –>
<!– <permission name=”deploy/create” type=”ALL” />–>
<!– <permission name=”deploy/replace” type=”GROUP” />–>
<!– nodes (console manager) –>
<permission name=”console/prefs” type=”ALL” />
<permission name=”console/logging” type=”ALL” />
<permission name=”console/firmware” type=”ALL” />
<!– nodes (proxy server) –>
<permission name=”proxyserver/prefs” type=”ALL” />
<permission name=”proxyserver/logging” type=”ALL” />
<!– nodes (proxy instances) –>
<permission name=”proxynode/entries” type=”ALL” />
<permission name=”proxynode/certs” type=”ALL” />
<permission name=”proxynode/settings” type=”ALL” />
<!– nodes (bridge server) –>
<permission name=”bridgeserver/instances” type=”ALL” />
<permission name=”bridgeserver/plugins” type=”ALL” />
<permission name=”bridgeserver/licensing” type=”ALL” />
<!– <permission name=”bridgeserver/delete_instance” type=”GROUP” />–>
<permission name=”bridgeserver/resource” type=”ALL” />
<permission name=”bridgeserver/java” type=”ALL” />
<permission name=”bridgeserver/xslt” type=”ALL” />
<permission name=”bridgeserver/statistic” type=”ALL” />
<!– nodes (bridge instances) –>
<permission name=”bridgeinst/history” type=”ALL” />
<permission name=”bridgeinst/logging” type=”ALL” />
<permission name=”bridgeinst/prefs” type=”ALL” />
<permission name=”bridgeinst/prefs_modify” type=”GROUP” />
<permission name=”bridgeinst/prefs_modify_automatic_restart” type=”GROUP” />
<permission name=”bridgeinst/prefs_modify_logging” type=”GROUP” />
<permission name=”bridgeinst/prefs_modify_transaction_logging” type=”GROUP” />
<permission name=”bridgeinst/status” type=”ALL” />
<permission name=”bridgeinst/start” type=”GROUP” />
<permission name=”bridgeinst/stop” type=”GROUP” />
<permission name=”bridgeinst/export” type=”GROUP” />
<permission name=”bridgeinst/dump” type=”ALL” />
<permission name=”bridgeinst/dump_modify” type=”ALL” />
<permission name=”bridgeinst/templates” type=”ALL” />
<permission name=”bridgeinst/templates_modify” type=”GROUP” />
<permission name=”bridgeinst/state_classes” type=”ALL” />
<permission name=”bridgeinst/state_objectes” type=”ALL” />
<permission name=”bridgeinst/state_object” type=”ALL” />
<permission name=”bridgeinst/state_events” type=”ALL” />
<permission name=”bridgeinst/state_classes_modify” type=”GROUP” />
<permission name=”bridgeinst/state_objectes_modify” type=”GROUP” />
<permission name=”bridgeinst/state_object_modify” type=”GROUP” />
<permission name=”bridgeinst/state_events_modify” type=”GROUP” />
</role>
<role roleid=”USER” description=”Users”>
<!– common –>
<permission name=”common/welcome” type=”ALL” />
<permission name=”common/logout” type=”ALL” />
<permission name=”common/domain” type=”ALL” />
<permission name=”common/nodes” type=”ALL” />
<!– administration (users) –>
<permission name=”domain/users” type=”ALL” />
<permission name=”domain/user_modify” type=”OWNER” />
<permission name=”domain/user_modify_passwd” type=”OWNER” />
<!– nodes (console manager) –>
<permission name=”console/prefs” type=”ALL” />
<permission name=”console/logging” type=”ALL” />
<permission name=”console/firmware” type=”ALL” />
<!– nodes (proxy server) –>
<permission name=”proxyserver/prefs” type=”ALL” />
<permission name=”proxyserver/logging” type=”ALL” />
<!– nodes (proxy instances) –>
<permission name=”proxynode/entries” type=”ALL” />
<permission name=”proxynode/certs” type=”ALL” />
<permission name=”proxynode/settings” type=”ALL” />
<!– nodes (bridge server) –>
<permission name=”bridgeserver/instances” type=”ALL” />
<permission name=”bridgeserver/plugins” type=”ALL” />
<permission name=”bridgeserver/licensing” type=”ALL” />
<permission name=”bridgeserver/resource” type=”ALL” />
<permission name=”bridgeserver/java” type=”ALL” />
<permission name=”bridgeserver/xslt” type=”ALL” />
<permission name=”bridgeserver/statistic” type=”ALL” />
<!– nodes (bridge instances) –>
<permission name=”bridgeinst/history” type=”ALL” />
<permission name=”bridgeinst/logging” type=”ALL” />
<permission name=”bridgeinst/prefs” type=”ALL” />
<permission name=”bridgeinst/status” type=”ALL” />
<permission name=”bridgeinst/dump” type=”ALL” />
<permission name=”bridgeinst/state_classes” type=”ALL” />
<permission name=”bridgeinst/state_objectes” type=”ALL” />
<permission name=”bridgeinst/state_object” type=”ALL” />
<permission name=”bridgeinst/state_events” type=”ALL” />
</role>
</roles>