Access control settings work in conjunction with roles to define the permissions for
a user. Roles define the permissions for categories of entities, such as all
dataflows or all database resources. Access control settings define the permissions
for specific entities, such as a specific job or a specific database connection.
In order to configure access controls you must have View and Modify permissions to
these secured entity types:
- Security - Access Control
- Security - Roles
- Security - Users
To configure access control:
-
In Management Console, go to .
-
Click the Access Control tab.
-
Click the Add button .
-
Do one of the following:
- If you want to specify access controls for a role, click
Role. The access control permissions you specify will
affect all users who have the role you choose.
- If you want to specify access controls for a single user, click
User. The access control permissions you specify will
only affect the user you choose.
-
Select the role or user for which you want to define access controls.
-
Click the Add button .
-
Select the secured entity type that contains the secured entity you want. For
example, if you want to configure access control for a dataflow, choose
Platform.Dataflows.
-
Choose the secured entity you want to configure access controls for, then click
the >> button to add it to the Selected
Entities list.
-
Click Add.
The secured entities you chose are displayed. The check boxes indicate the
permissions in effect for the selected role or user.
-
Specify the permissions that you want to grant for each secured entity. Each
secured entity can have one of the following permissions:
|
The permission is inherited from the role. |
|
The permission is inherited from the role and cannot be
overridden. |
|
The permission is granted, overriding the permission
specified in the user or role. |
|
The permission is denied, overriding the permission
specified in the user or role. |
Access Control Example
The following shows access control settings for the role
RetentionDepartmentDesigner.
In this example, the Platform.Dataflow secured entity type is
set to allow the View and Modify permissions but not the Delete permission. So by
default, any user that has the RetentionDepartmentDesigner role would have these
permissions for all dataflows. However, you want to prevent users with this role
from modifying the ExampleJob1 dataflow only. So, you clear the checkbox in the
Modify column for ExampleJob1. Now users with this role will not be able to modify
this dataflow but will still be able to modify other dataflows.