Learn how to assign permissions based on roles or client access Licenses
Introduction: IBM Rational Team Concert provides a wealth of components to support software lifecycle management. Actions provided by components such as process and Work items are controlled by the appropriate permission settings. This article describes various aspects that affect the authentication of specific component operations in a Jazz repository, and the logic behind these operations permission lookups.
role-based Privilege Control
There are two levels of operation in Ibm®rational®team concert, which run on top of the ibm®jazz™ technology platform:
Repository-level actions: In the example, a user is created or files are created for the user, and the project area is built on the Jazz platform.
Action for a particular component: it can also be called a resource operation that you can perform within a project or team area. This type of operation is controlled by the project area process specification or by components defined within the team area process customization.
Attention:
The Archive and Modify project areas are operations on specific components, not repository-level operations, because permission settings are defined in the process component and can be configured.
The ability to perform repository-level operations is primarily determined by the permissions of the repository hierarchy, except in the case of creating a new project area. For example, if you do not have a jazzadmins repository role assigned, you cannot create a new user, in which case you will get an error message as shown in Figure 1 if you create a new user.
Figure 1. "Saving user failed" information
In order to create a new project area, you need to have both the Jazzadmins role permissions and the necessary Client access licenses (Client Access license,cal). If you don't have these two, you'll get the information shown in Figure 2.
Figure 2. "Saving Project Area failed" information