Product Knowledge Base

Space shortcuts

Page tree

Versions Compared

Old Version 10

changes.mady.by.user Alan Amos

Saved on

compared with

New Version 11

changes.mady.by.user Alan Amos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: 'Account Use' added

...

Once a User Account has been created for each role, the Accounts view would look like:

...

Account Use

The root User can now be logged out via the Profile Menu and the other User accounts testedused.

 

Show If
groupsos-members

The above screen shows seven default roles that are delivered with the JOC Cockpit are applicable for all JobScheduler Masters as they are delivered in the JOC Cockpit installation archive. In addition, the following configurations have been added:

  • A role jocc_test had been added with potential access to all JobScheduler Masters.
    • Note that if no permissions are specified for this relationship then this configuration will be removed when the current user leaves the Managing Accounts view.
  • Two JobSchedulers Masters have been specified and roles specific to these JobSchedulers configured:
    • An api_test Role has been created whose permissions are restricted to the JobScheduler Master with ID jobscheduler_1.11.

      • This configuration writes the following to the shiro.ini file:

        Code Block
        languagetext
        [roles]
...
api_test = jobscheduler_1.11:sos:products:commands:jobscheduler_master
...
    • The default application_manager Role has been configured prior to being given or losing permissions specifically for the jobscheduler_1.11_cluster.

      • This configuration writes the following to the shiro.ini file:

        Code Block
        languagetext
        [roles]
...
application_manager = ... , \
..................... jobscheduler_1.11_cluster:sos:products:joc_cockpit:jobscheduler_master:view, \
..................... ...

The Permissions View

The Permissions view is accessed by clicking on a Role in the Master view as indicated in the screenshot above.

The Permissions view allows Permissions and Folders to be specified for individual Roles:

  • either restricting the Role to accessing specific Folders within the live folder of the JobScheduler Master.
    • Note that the default setting is that a Role is allowed access to all Folders - however, after a first folder is specified, the Role will only be able to access that one Folder.
  • granting or removing Permissions for the Role.
    • Note that the default Permissions are none and that permissions can be granted and removed.

Image Removed

In the screenshot above the application_manager Role:

  • is only allowed to access the test Folder and all its child folders on the jobscheduler_1.11_cluster.
  • has been given the sos:products:joc_cockpit:jobscheduler_master:view permission for the jobscheduler_1.11_cluster - this is a higher permission than the default sos:products:joc_cockpit:jobscheduler_master:view permission and allows not just the default status but also parameters and the main log for this JobScheduler Master to be viewed.

The above Permissions add the following code to the shiro.ini file:

Code Block
languagetext
[folders]
jobscheduler_1.11_cluster|application_manager = /test/*
jobscheduler_1.11|api_test = /test/*
 

 

Individual Users can check - but not change - the Permissions they have been granted in the Profile View for their Account as can be seen in the following screenshot which shows part of the Permissions section for Administrator Account with the default administrator Role.

Note that as the default administrator Role is granted a limited Permissions Set, the Main Menu Bar in the JOC Cockpit only contains a link to the Dashboard view as can be seen in the screenshot below. In contrast, the root User Account has links for a further seven views (see the screenshots above).

By default the administrator role is granted Permissions for the Manage Accounts view and therefore the configuration of the User Accounts will continue using this Account rather than root.

Image Added

A matrix describing and listing the Permissions that are granted by default for the default Roles is available in the Authentication and Authorization - Permissions for the JOC Cockpit Web Service article.

In addition, the same article contains a link to a full list of all Permissions that can be granted.