Enabling Instance-Based Permissions on an Agent
By using instance-based permissions, users can now enforce permissions on a particular instance of an entity type.
When you assign instance-based permission to a given agent, you can control whether or not the permission is applicable to the user, group, or role on one or more instances of an entity type. In addition to that, you can also control whether the permission must be assigned to one or multiple instances of an entity type. .
Prerequisites
The following points are the prerequisites to enable instance-based permissions:
- The separator character used in ObjectKey has to be unique and consistent across the agent.
- An ObjectType can have only one parent ObjectType.
- Cyclic parent-child relationship among the ObjectType instances is not supported.
- In a given ObjectKey for an ObjectType, the ObjectKey of the parent must have a prefix of the current ObjectKey.
- A response from TeaOperation can be filtered only if it is an instance of AgentObjectIdentifier (AOI). Plain Java objects (POJO) cannot be filtered by the TIBCO Enterprise Administrator server.
- An ObjectKey cannot contain a separator character unless it is separating the key of the current object from that of its parent.
- ObjectKey should not contain the * (star) character. Also make sure that the agent separator is not a *( star) character.
To enable instance-based permissions, the TIBCO Enterprise Adminstrator server must recognize the hierarch of entity types. Perform the following steps to ensure that the TIBCO Enterprise Adminstrator server recognizes the hierarchy of entity types.
Procedure
Copyright © Cloud Software Group, Inc. All rights reserved.