Skip to main content

Role of GREG permission-mappings.xml


 GREG has a permission-mapping.xml. We can find it at /home/chanaka/Desktop/greg/wso2greg-5.2.0/repository/conf/etc/permission-mappings.xml


Each entry has three attributes.
  • managementPermission
  • resourcePermission
  • resourcePaths
 Ex:

managementPermission="/permission/admin/manage/resources/govern/server/list"
resourcePermission="http://www.wso2.org/projects/registry/actions/get"
resourcePaths="/_system/governance/trunk/servers"
/>

There are default configurations in this file. These entries are mapping each permission in the permission tree in to resource paths and assign them permissions.

With the above line in the permission-mappings.xml, an admin user who assign the permission "/permission/admin/manage/resources/govern/server/list" will be able to do get operations on registry resources stored at "/_system/governance/trunk/servers". We can provide multiple resource paths by separating them by comas.

There are 3 types of permissions you can apply.

  1. http://www.wso2.org/projects/registry/actions/get
  2. http://www.wso2.org/projects/registry/actions/add
  3. http://www.wso2.org/projects/registry/actions/delete
We can use these permissions to control each permission tree items behavior. 

   















































With the following documentation link we can find the default behavior implemented with this permission-mappings.xml.

https://docs.wso2.com/display/Governance520/Roles

Comments

Post a Comment

Popular posts from this blog

Using javascript to Include a html file inside another html file

When there is no server side functionality needed we create the whole site in plain html. Usually these sites have left/right side menu, top header, footer etc.. If the site grows in to 20, 30 pages, it will be a headache to do a simple change like changing footer text. We will have to change each page. If we were using a server side technology like PHP, JSP, etc.., we will have the chance to keep the common areas in the site in different pages and include these parts in each page using a “include” statements. We can do the same thing with the plain old html and javascript. But how? First you need to create the site main layout using divs and give them unique ids. <html> <title>HTML Includes</title> <script language="javascript" src="js/main.js"></script> <script src="js/prototype.js" type="text/javascript"></script> <script language="javascript" xml:space="preserve"> // <
6 comments
Read more

APIM 3.0 - populate multiple apis - bash script

Created a bash script to create, tag and publish multiple APIs. This is useful to populate data for the landing page. #!/bin/bash # get the URL consumer key clientId=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientId') clientSecret=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientSecret') echo $clientId echo $clientSecret encoded=$(echo -ne $clientId:$clientSecret | base64) echo $encoded # get access token accessToken=$(curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:api_view,apim:api_create" -H "Authorization: Basic $encoded" https://localhost:9443/oauth2/token | jq -r '.access_token'
Post a Comment
Read more

Overriding default look and feel of GREG - 5.3.0

Following list explains what are the best approach for different use cases. 1 ) - You created a new asset type, and you need to change the look and feel of the details page in the listing page just for that new asset type. To create a new asset type you need to login to the carbon console (username:admin, password:admin) https:// :9443/carbon/ Navigate to Extensions > Configure > Artifacts Click "Add new Artifact" link at the bottom of the page. By default in the "Generic Artifact" area "application" asset type is loaded. Note the shortName="applications" in the root node. "applications" is the name of the asset type. Browse in to /repository/deployment/server/jaggeryapps/store/extensions/assets Create a folder with name "applications"    Now we can override the files in /repository/deployment/server/jaggeryapps/store/extensions/app/greg-store-defaults   Since we are overriding the details page we need to
Post a Comment
Read more