Skip to main content

Role of GREG permission-mappings.xml


 GREG has a permission-mapping.xml. We can find it at /home/chanaka/Desktop/greg/wso2greg-5.2.0/repository/conf/etc/permission-mappings.xml


Each entry has three attributes.
  • managementPermission
  • resourcePermission
  • resourcePaths
 Ex:

managementPermission="/permission/admin/manage/resources/govern/server/list"
resourcePermission="http://www.wso2.org/projects/registry/actions/get"
resourcePaths="/_system/governance/trunk/servers"
/>

There are default configurations in this file. These entries are mapping each permission in the permission tree in to resource paths and assign them permissions.

With the above line in the permission-mappings.xml, an admin user who assign the permission "/permission/admin/manage/resources/govern/server/list" will be able to do get operations on registry resources stored at "/_system/governance/trunk/servers". We can provide multiple resource paths by separating them by comas.

There are 3 types of permissions you can apply.

  1. http://www.wso2.org/projects/registry/actions/get
  2. http://www.wso2.org/projects/registry/actions/add
  3. http://www.wso2.org/projects/registry/actions/delete
We can use these permissions to control each permission tree items behavior. 

   















































With the following documentation link we can find the default behavior implemented with this permission-mappings.xml.

https://docs.wso2.com/display/Governance520/Roles

Comments

Post a Comment

Popular posts from this blog

Making of my Fist Game ( Angry Wives )

My Fist Game !!! Finally I was able to finish it. It's been two and half years since I start investing my extra time on this. It all started with a joke. My current working place is a real fun place to work. We usually hangout on teatime and through out any thing we got on each other. We use to sit on a circle and pick a subject and laugh the guts out. Ones we were talking about a particular slow server, we thought about letting the users play a game while it loads. Game like Angry Birds. Then an idea came to modify the Angry Birds game to something like Angry Babes. So instead of this birds there are hot hot girls flying and killing dudes inside building blocks. Then I started wondering, " What if this can be done for real? " "How practical is this?" "Can a single person do this?" I think I have done a research on mobile game purchase statistics, it turns out to be IOS users have more trend over buying stuff than Android users. So IOS wa
Post a Comment
Read more

APIM 3.0 - populate multiple apis - bash script

Created a bash script to create, tag and publish multiple APIs. This is useful to populate data for the landing page. #!/bin/bash # get the URL consumer key clientId=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientId') clientSecret=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientSecret') echo $clientId echo $clientSecret encoded=$(echo -ne $clientId:$clientSecret | base64) echo $encoded # get access token accessToken=$(curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:api_view,apim:api_create" -H "Authorization: Basic $encoded" https://localhost:9443/oauth2/token | jq -r '.access_token'
Post a Comment
Read more

Overriding default look and feel of GREG - 5.3.0

Following list explains what are the best approach for different use cases. 1 ) - You created a new asset type, and you need to change the look and feel of the details page in the listing page just for that new asset type. To create a new asset type you need to login to the carbon console (username:admin, password:admin) https:// :9443/carbon/ Navigate to Extensions > Configure > Artifacts Click "Add new Artifact" link at the bottom of the page. By default in the "Generic Artifact" area "application" asset type is loaded. Note the shortName="applications" in the root node. "applications" is the name of the asset type. Browse in to /repository/deployment/server/jaggeryapps/store/extensions/assets Create a folder with name "applications"    Now we can override the files in /repository/deployment/server/jaggeryapps/store/extensions/app/greg-store-defaults   Since we are overriding the details page we need to
Post a Comment
Read more