[Anthill-pro] Permissions Recommendations

Mark_Melvin at amis.com Mark_Melvin at amis.com
Thu Oct 30 10:16:17 CST 2008 

Hi Brooke,

Thanks for the reply.  Can you explain this a little more?  When you say 
you create multiple roles per project, what exactly do you mean by that? 
You can only *create* roles in the Roles section of the Security part of 
the System administration page, right?  So do you mean you define a bunch 
of roles (lets say Role1, Role2, and Role3) here, and then for each 
project you select different combinations of permissions for these roles? 
For example, perhaps all three roles can "read" the project and "execute" 
the build/deploy workflow, but only Role2 and Role3 can "execute" certain 
other workflows in this project?

Oh and I finally figured out why I can't see anything on the Dashboard.  I 
need to set up read permissions on all of the parent folders containing my 
projects (I organized them in subfolders).  Incidentally, has anyone 
figured out what is meant by setting Default Permissions in point #4 from 
the docs below?  I can't figure out what they are referring to, and I 
can't seem to be able to set default permissions:

Permissions by Resource Type
Setting Permissions by Resource Type can be handy for a smaller number of 
items and Roles. For example, if you only want to manage a single item, 
use the By Resource Type. When a new resource type is created, it is 
automatically assigned the predefined Default Permissions (see Item 3 
below). If the new resource does not require additional permissions, only 
using the Default Permissions will make managing Resource Type Permissions 
easier.
1.      Go to System > Permissions under the Security menu.
2.      On the Permissions page, select the Permissions By Resource Type 
tab.
3.      Select a Resource Type from the drop-down menu and click Set.
4.      Select the read/write/security Default Permissions to be 
automatically added to every new resource type. To assign permissions to 
existing resource types, proceed to Item 5; otherwise, click Done.
5.      Select the Role from the Add Permission drop-down menu to 
determine the read, write, and/or security actions the role can perform on 
the resource. To remove a role from performing an action click the delete 
icon. Click Add.
6.      Click Done.

Thanks,
Mark.
----------------------------------------------------------




"Brooke Gravitt" <gravitt at gmail.com> 
Sent by: anthill-pro-bounces at lists.urbancode.com
10/30/2008 11:55 AM
Please respond to
gravitt at gmail.com; Please respond to
"AnthillPro user and support list."     <anthill-pro at lists.urbancode.com>


To
"AnthillPro user and support list." <anthill-pro at lists.urbancode.com>
cc

Subject
Re: [Anthill-pro] Permissions Recommendations






Mark,

    We create multiple roles per project. One role is mapped to the AD
group we have set up for the project team - anyone can run a
build/deploy workflow. The other roles narrow focus for specific
deployments ( to prod, for example ) or to allow users to admin
workflows for their own projects.

Brooke Gravitt
System Specialist - Infrastructure Architect
Build and Deployment Automation
678.474.3950
8+112-474-3950
Macy's Systems and Technology
5985 State Bridge Road
Johns Creek, GA 30097
brooke.gravitt at macys.com

On Thu, Oct 30, 2008 at 11:36 AM,  <Mark_Melvin at amis.com> wrote:
>
> Hi Everyone,
>
> So I have set up some role mappings to map my users from LDAP to Anthill
> roles, and I started out by adding people as simple "User"s.  However, 
it
> seems to me that this role by default is basically useless.  I can't see 
any
> build lives (not even read-only), and if I try to run reports I get no
> information.  I don't think I have misconfigured anything, but I suppose 
it
> is possible.
>
> So I guess my question is - what's the point of the "User" role?  Does
> anyone use it?  If I assign the role of Build Master to everyone then 
they
> can see builds, but they can also create/delete projects on the
> Administration tab, run secondary workflows, etc. - which is not what I
> want.  I guess the only option is to manually configure permissions on a
> per-project basis, but I kind of assumed even the guest user could at 
lease
> see or do "something".  Do people normally configure all of their
> permissions manually, on a per-project basis?
>
> Thanks,
> Mark.
> _______________________________________________
> Anthill-pro mailing list
> Anthill-pro at lists.urbancode.com
> http://lists.urbancode.com/mailman/listinfo/anthill-pro
>
>
_______________________________________________
Anthill-pro mailing list
Anthill-pro at lists.urbancode.com
http://lists.urbancode.com/mailman/listinfo/anthill-pro

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.urbancode.com/pipermail/anthill-pro/attachments/20081030/f5fe1d1b/attachment-0001.htm

More information about the Anthill-pro mailing list