Project

General

Profile

Actions

Bug #4960

closed

The documentation gives no examples about role management in Rudder

Added by Matthieu CERDA over 8 years ago. Updated almost 8 years ago.

Status:
Released
Priority:
3
Assignee:
Matthieu CERDA
Category:
Documentation
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Regression:

Description

There are a lot of things about role management that used to be in rudder-users.xml and have been removed, that should be put in the documentation instead to prevent duplication and poor maintenance.

Extract of things to put in the doc (to be improved and "asciidoc'ed"):

  Authorizations
    You must define a role attribute to every user you add.
  A role is defined by a list of authorizations separated by commas.
  There's two kind of authorizations : 

  Predefined authorizations

  There are 7 predefined authorization levels:
    - administrator (all rights)
    - administration_only (all administration)
    - user (all node, configuration)
    - configuration(all configuration)
    - read_only (read all)
    - compliance(read rule)
    - inventory (read node)

  There is three predefined roles for change request rights:
    - validator (Can valid changes)
    - deployer  (Can deploy changes)
    - workflow  (Both deployer and validator)
  The administrator role include the workflow ones

  Custom authorizations

  Custom authorisations are composed of two elements:
    - A type of authorization, which define what is concerned
      there's is 10 types, which are : node, group, deployement,
      administration, configuration, rule, technique, directive,
      validator and deployer.
    - A level of authorization, 
      levels are: read, write, edit, all(read, write, edit)
      They are not inclusive (write and edit don't include read,)
      a custom authorisation has a format like that "type_level" like "node_all", "group_read" 

  Examples

      <user name="alice"  password="xxxxxxx" role="administrator" />
      <user name="bob"    password="xxxxxxx" role="read_only"/>
      <user name="carol"  password="xxxxxxx" role="user,validator"/>

      <user name="custom" password="custom" role="node_all,configuration_read,rule_read,rule_edit,directive_read,technique_read">
      -> can read everything but administration,groups and deployement
      -> can do everything about node

  exemple of bad lines
  <user name="" password="secret2" role="administrator"/>
  <user name="name" password="" role="administrator"/>


Related issues 1 (0 open1 closed)

Related to Rudder - Bug #4972: The documentation should reflect the change to the default Rudder usersReleasedJonathan CLARKE2014-06-09Actions
Actions #1

Updated by Matthieu CERDA over 8 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Matthieu CERDA to Jonathan CLARKE
  • % Done changed from 0 to 100
  • Pull Request set to https://github.com/Normation/rudder-doc/pull/61

PR is ready !

Actions #2

Updated by Matthieu CERDA over 8 years ago

  • Status changed from Pending technical review to In progress
  • Assignee changed from Jonathan CLARKE to Matthieu CERDA
  • Target version changed from 2.11.0~beta1 to 2.6.14
  • % Done changed from 100 to 80
  • Pull Request deleted (https://github.com/Normation/rudder-doc/pull/61)

Retargetting to 2.6 as asked kindly by JCL :)

Actions #3

Updated by Matthieu CERDA over 8 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Matthieu CERDA to Jonathan CLARKE
  • % Done changed from 80 to 100
  • Pull Request set to https://github.com/Normation/rudder-doc/pull/62

PR is ready

Actions #4

Updated by Matthieu CERDA over 8 years ago

  • Status changed from Pending technical review to Pending release

Applied in changeset commit:4dc440949a797df1cfb36c37475a1850a1ce9758.

Actions #5

Updated by Matthieu CERDA over 8 years ago

  • Assignee changed from Jonathan CLARKE to Matthieu CERDA
Actions #6

Updated by Jonathan CLARKE over 8 years ago

  • Priority changed from 1 to 3
Actions #7

Updated by Vincent MEMBRÉ over 8 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder versions that were released today.

Actions #8

Updated by Benoît PECCATTE almost 8 years ago

  • Project changed from 30 to Rudder
  • Category set to Documentation
Actions

Also available in: Atom PDF