You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

Archiva Security Roles

This document will attempt to explain the various Security Roles present in archiva, and how they are used.

NOTE: Archiva security is only enforced in the webapp.


Permanent Roles

Role Name

Permissions

Child Roles

System Administrator

P( archiva-manage-users, * )
P( archiva-run-indexer, * )
P( archiva-regenerate-index, * )
P( archiva-access-reports, * )

Global Repository Manager

User Administrator

P( archiva-manage-users, * ) 

-

Global Repository Manager

P( archiva-manage-configuration, * )
P( archiva-edit-configuration, * )
P( archiva-add-repository, * )
P( archiva-edit-repository, * )
P( archiva-delete-repository, * )

 

Global Repository Observer

P( archiva-read-repository, * )

 

Registered User



Dynamic Roles

Role Name

Permissions

Child Roles

Repository Manager

P( archiva-add-repository, dynamic_repository_id )
P( archiva-edit-repository, dynamic_repository_id )
P( archiva-delete-repository, dynamic_repository_id )
P( archiva-read-repository, dynamic_repository_id )

 

Repository Observer

P( archiva-read-repository, dynamic_repository_id )

-

Logical Explanation of Roles

System Administrator: access to everything
User Administrator: access to manager users and their role assignments
Registered User: access to edit their personal information
Global Repository Manager: has administrative access to setup and maintain managed and proxy repositories as well as manage content in the repository
Global Repository Observer: has complete access to read contents of all repositories
Repository Manager - X: has rights to manage content in the X repository
Repository Observer - X: has rights to read content in the x repository

Proposals

  1. Collapse P( archiva-edit-repository ), P( archiva-delete-repository ), and P( archiva-add-repository ) into a single permission P( archiva-change-repository )
  • No labels