THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Archiva Security Roles
This document will attempt to explain the various Security Roles present in archiva, and how they are used.
| Note |
|---|
NOTE: Archiva security is only enforced in the webapp. |
Permanent Roles
Role Name | Permissions | Child Roles |
|---|---|---|
System Administrator | P( archiva-manage-users, * ) | Global Repository Manager |
User Administrator | P( archiva-manage-users, * ) | - |
Global Repository Manager | P( archiva-manage-configuration, * ) |
|
Global Repository Observer | P( archiva-read-repository, * ) |
|
Registered User |
Dynamic Roles
Role Name | Permissions | Child Roles |
|---|---|---|
Repository Manager | P( archiva-add-repository, dynamic_repository_id ) |
|
Repository Observer | P( archiva-read-repository, dynamic_repository_id ) | - |
Logical Explanation of Roles
System Administrator: access to everything
User Administrator: access to manager users and their role assignments
Registered User: access to edit their personal information
Global Repository Manager: has administrative access to setup and maintain managed and proxy repositories as well as manage content in the repository
Global Repository Observer: has complete access to read contents of all repositories
Repository Manager - X: has rights to manage content in the X repository
Repository Observer - X: has rights to read content in the x repository
Proposals
- Collapse P( archiva-edit-repository ), P( archiva-delete-repository ), and P( archiva-add-repository ) into a single permission P( archiva-change-repository )