Roles
A role is a collection of privileges that are assigned to users or groups using class-level annotations.
Before defining roles on an agent, nsure that the agent is registered with the server. While defining roles, if there is a conflict in the names, the roles available on the server are used. You can change or delete roles imported to the server. When the last agent of a specific type is unregistered, associated roles are removed.
Roles can be assigned using class-level annotations. For example,
@TeaRoles({
@TeaRole(name = "Tomcat Admin", desc = "Manage all tomcat servers",
privileges = { @TeaPrivilege(permissions =
{ TeaPrivilege.FULL_CONTROL }) }),
@TeaRole(name = "Tomcat User", desc = "Read only access to all tomcat
servers", privileges = { @TeaPrivilege(permissions = {
TeaPrivilege.READ, TomcatAgent.UPDATE_PERMISSION }) }) })
})
public class TomcatServer {
@TeaRequires("Full Control")
public void changePort(@KeyParam final String key,
@TeaParam(name = "port", description = "New port number to use")
@Customize(value = "label=Port")
final int port) throws TeaIllegalArgumentException {
// code
}
}
As shown in the example, two roles are assigned: one for the Tomcat Administrator and one for a regular user.
- TeaRole
-
TeaRole annotation is used to assign the default roles provided by the agent. The roles are available in the TIBCO Enterprise Administrator server only after registering an agent of a specific agent type for the first time. They are removed when the last agent of a specific type is unregistered. After creation, roles can be changed by the TIBCO Enterprise Administrator SDK Server administrator.
- TeaRoles
- If a specific role already exists on the server, it will be ignored. To assign multiple roles by the same class, use the grouping annotation, TeaRoles.
- TeaPrivilege
- Defines the privileges of a role. A privilege describes a set of permissions that are granted to objects that match the specified path pattern. A role can have one or more privileges associated with it.