Managing profiles and rights
Required Rights (by category) |
Server Administration User Management |
Access | Preferences → Profiles |
Rights grant users the possibility to view, create and modify various DROPS entities. If the proper access rights are not granted to a profile, access to the corresponding entity (ex:
Rights are granted to users via profiles. A profile is packed with rights that determine which items a user should be able to access throughout DROPS and if they can edit them or not. Profiles are assigned to individual users.
The DROPS Studio has one default profile that contains all of the rights available. This All Rights profile is automatically assigned to the default administrator so that he can manage new profiles for all future users.
There is no limit on how many profiles can be created. Depending on the organization of your team, the definition of more specific profiles, corresponding exactly to the attributions of each user, is essential for a well-secured system.
In terms of authorization, there is no overlap between roles and rights. However, it is important to carefully assign rights that correspond to an entity to a user’s profile so that when he is assigned a role his access is unrestricted.
Roles are used to authorize users to perform actions involved in the import or deployment processes while rights are used to grant authorization to create, access and/or modify the entities involved in the processes.
If a user has the Repository Manager role for an application and has the right to view applications but does not have the right to edit them, all applications will be read-only. The user can still carry out the processes associated with the application because of their Repository Manager role, such as importing artifacts, but he cannot manage the release number version for the application because his application editing rights are restricted.
Open the Profiles menu to access and define the list of existing profiles.
To create a new profile click the Create button. Fill in the required code and name in the dialog.
Defined profiles are available in the Preferences menu and in the Profiles tab of the User editor.
Select a profile and click the Edit button to change the defined code and/or description.
To delete a profile select it and click the Delete button.
Click OK to save.
To grant rights to a profile, select it from the list and click the Rights button. If the profile already has rights assigned to it, they are listed in Right Definition dialog. Click the Add... button to display the list of Available Rights which contains all of the rights not yet assigned to the profile.
The rights are categorized by DROPS entity or by action. Select the individual right(s) intended for the chosen profile (Ctrl+click
to select multiple rights) then click OK to add them to the list of that profile's rights.
Remove rights granted to a profile by selecting them from the list and clicking the Remove button.
Click OK to save.
For more information about the different rights available in the DROPS Studio, refer to Rights.
After a profile is created, it is available to be assigned to individual users. It is recommended to define the rights for each profile before assigning them to users in order to best organize the authorization hierarchy. If the profiles are well-defined in advance, it will be easier to know which user(s) to assign based on their intended tasks.
For more information about creating users or assigning profiles to users, refer to Accessing your profile and rights.