Roles provide a way for community administrators to group
permissions and assign them to users or user groups. Permissions define
the actions that a user can perform in a community.
When they assign roles, community administrators consider the tasks
of a user in the context of a particular community. For example, in
a development community, users who are analysts are not required to
modify or change development code and need browse, download, and submit
access. On the other hand, users who are analysts in the analyst community
can adopt full permissions so that they can modify existing assets
or upload new assets in their field of expertise.
Roles
A role is a collection
of permissions that administrators assign to users or user groups.
A role consists of a name, a description, permissions, and a scope.
Administrators can constrain the scope of a role by making permissions
apply to assets of specific types, classifications, or owners. Community
administrators assign roles to users or user groups to control the
level of access that users have to the assets of a community. For
example, users who have a role with permission to browse assets can
search for and view details about assets and their artifacts, but
cannot download or modify the asset.
Individual users can have
more than one role. They can also have different roles in different
communities.
Note: User groups, not roles, group repository users.
Default roles
Each
new community has default repository roles:
- Administrator: Community
administrators can assign roles and permissions to users and user
groups to define different levels of access to the community A use can have the role of community administrator
in more than one community, and one community can have multiple administrators.
Community administrators can add or remove other administrators from
their community. You can assign this role to individual users,
all users, or all signed-in users, but not to user groups.
- Asset Owner: This role is automatically
assigned to any user that owns an asset in the community. The permissions
associated with the Asset Owner role apply only to assets that the
user owns. For example, the Update assets permission
for this role allows the user to update the assets that they own,
but they cannot update assets that a different user owns. By default,
an asset owner can find and modify any asset that they have created,
regardless of its current state.
- Asset Review Board: This role is automatically
assigned to any user that is asked to be part of a review board for
an asset in a review process.
- Asset Consumer: A general role that allows
users to search, view, and download assets. You can assign this role
to individual users and user groups.
- Asset Producer: A general role that allows
users to search, view, download, create, and modify assets. You can
assign this role to individual users and user groups.
You can modify all roles for the community except for
Administrator. Community administrators can create additional roles
that can be assigned to users or user groups.
Available permissions
Community administrators
manage and assign permissions to roles in the community.
The following permissions are available
for you to choose from when you define roles for a community:
- Asset Review Board: The user can be a part
of an asset review board in a custom lifecycle.
- Create assets: Users can create new assets.
Creating assets includes describing and adding artifacts.
- Delete assets: Users can permanently delete
assets from the repository.
- Download assets: Users can download assets.
This permission includes describing and adding artifacts.
- Forums administration: Users can administer
forums. This permission includes modifying forum topics and posts
and creating connections to Rational® ClearQuest®.
- Publishing administration: Users can publish
assets to WebSphere® Registry Service and Repository.
- Read asset details: Users can view the
General Details pages for assets in this community.
- Search assets: Users can search for assets
by using keyword and filter searches.
- Subscribe to assets: Users can subscribe
to emails or RSS feeds to receive notification when an asset is modified.
- Update assets: Users can update the content
or descriptive metadata of assets.
Role constraints
Community administrators
can assign constraints to roles in a community. Constraints can limit
roles to specific asset types or asset categories.
For example,
you could create a category called Editable,
create a new role called Asset Editor with
the Update assets permission, and assign that role to all signed-in
users. This way, you can allow all users modify assets in a community
by assigning a category instead of creating additional user groups
or assigning roles individually.
Note: You cannot assign constraints to the
built-in roles of Administrator, Asset Owner, and Asset Review Board.
Additional roles for asset
lifecycles
When you create custom lifecycles, additional
roles are configured:
- Lifecycle manager: You can assign the lifecycle
manager role to users or user groups while you configure custom lifecycles for a community.
If you are a lifecycle manager for an asset, you gain the following
additional permissions:
- You can search for, view, and download the asset.
- You can modify the asset.
- You can view the asset on the My Dashboard page in the Assets
to Manage section.
- You can leave a comment on the Review page of the asset.
- You can adjust the lifecycle for the asset by adding or removing
reviewers, changing the permissions for reviewers, adding or removing
policies, and changing the conditions for the transitions between
lifecycle states.
- Reviewer: For each state of a custom asset
lifecycle, you can add users or user groups as reviewers.
Community administrators can add and remove reviewers as they configure custom lifecycles for a community.
Lifecycle administrators can add and remove reviewers as they modify the lifecycle for individual assets.
If you are a reviewer for an asset, you gain the following additional
permissions:
- You can search for, view, and download the asset.
- You can leave a comment on the Review page of the asset.
- If the Approver check box is selected,
you can vote to approve or reject the asset on the Review page. Approvals
and rejections are saved and can be used as conditions for changing
states. For example, the asset can change from Review to Approved
only if at least three reviewers have voted for Approve.