Permissions

A string on the basis of which access control is enforced. The agent decides the granularity of the permissions that it provides.

A permission could be as fine-grained as UpdateConfig which is applicable to only one operation, or it could be as coarse-grained as Full Control which applies to the entire system. A Privilege is a collection of permissions that are applicable to an object or a collection of objects.

Other than the permissions contributed by the agent, by default, TIBCO Enterprise Administrator provides two permissions to every agent: read and full_control. Having full_control is not equivalent to a user with the TEA_ADMIN role. A user with the TEA_ADMIN role can access Machine Management and User Management panes that a user with full_control cannot.

Note: You will be able to see the read and full_control permissions only if the agent is registered with the TIBCO Enterprise Administrator 1.2 and above.

  1. Adding Permissions to a User-Defined Role
    You can add new permissions to roles defined by a user. However, you cannot add permissions to agent-defined roles.
  2. Removing Permissions
    You can remove permissions from a role that is defined by the user, but not the permissions contributed by the agent.
  3. Viewing Permissions
    You can view permissions contributed by an agent.
Related concepts