JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 7

changes.mady.by.user Aditi Dubey

Saved on

compared with

New Version 8

changes.mady.by.user Aditi Dubey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • A graphical editor as shown in the next screenshot:
    Image Modified
  • Changes to the Permissions tree are saved in the database.
  • The Undo button allows the last 10 changes made to be undone stepwise.
    • The states saved in the Undo button will be deleted when the Permissions tab is left.
  • The ResetRedo button changes the Permissions tree back to the initial state when the Permissions Tab was opened.
    • The state stored in the ResetRedo button will be deleted when the Permissions tab is left.
  • Clicking on the middle of a Permission icon will grant the Permission for the current Role.
    • Granted Permissions have a blue background and are by default recursive.
  • The "+" and "-" symbols at the right of each Permission icon open and close child branches.
  • The "-" and "+" symbols at the left of each Permission icon are used to revoke a higher Permission and are by default recursive.
    • Permission icons affected by revoked Permissions are shown with a gray background 

  • A list editor as shown in the next screenshot:

    • Individual Permissions can be modified and removed from the Role using the pencil and X symbols that are blended in when the user's mouse is moved over a Permission:
    • The Edit function allows the Permission to be made subtractive - i.e. for permission granted at a higher level to be removed.
    • The Folder part of the view is for restricting the Role to accessing particular Folders - and thereby particular workflow.

Initial Configuration

Creating and Configuring User Accounts and Roles

System administrators will likely want to create and configure their own User Accounts and Roles, for example, limiting access to resources such as JobScheduler objects and logs.

It is often easier to create Manage new Roles, assign Permissions or Folders to these Roles and then create new User Accounts and assign Roles to them.

Creating a new Role

  • New Roles are created in the Manage roles tab using the Add Role button:
    Image Added
  • Once a new Role has been created it will be automatically added to the list of Roles shown in the background of the screenshot above.

Configure Permissions and/or Folders for the Role

  • Now expand the Role using the arrow button click on the default (blue link) to add Permissions and/or Folders in the Permissions tab. The Procedures available for adding and editing Permissions and Folders are described in the Editing User Permissions and Folders sections below.
    • Note that Roles that neither have Permissions or Folders assigned to them are deleted automatically when the Manage Identity Service view is left.

Create a new User Account

  • After Permissions / Folders have been configured select the Accounts tab to create a new User Account and allocate one or more Roles to this Account.

    Image Added
  • The Edit Account function is accessed by clicking the relevant Action symbol (ellipsis) in the  Actions column of the User Accounts list (visible in the background of the above screenshot). This can be used to change the Password, the Account name and add or remove Roles. 
    • Note that deselecting a Role in this modal window 'uncouples' the Role from the User Account - it does not delete the Role. 

Editing User Permissions

Permissions Structure

Permissions are strictly hierarchical:

  • A Role with the Permission sos:products:controller:view 'only' allows a User to view Controllers, while a User with the 'higher' sos:products:controller Permission is able not only to view Controllers but able to carry out other operations - in this case, view, restart, terminate, and switch_over.
  • The JS7 - Permissions article contains a link to a full list of all Permissions that can be granted.

Editing Permissions


Caution

Users have to have a Role with the following Permission - or higher - before they are able to log into the JOC Cockpit:

  • sos:products:joc_cockpit:jobscheduler_master:view:status

Shiro Identity Service Settings

...