Bug 1013506
| Summary: | RBAC documentation [META-BUG] | ||
|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Ladislav Thon <lthon> |
| Component: | Documentation | Assignee: | eap-docs <eap-docs> |
| Status: | CLOSED NOTABUG | QA Contact: | Ladislav Thon <lthon> |
| Severity: | urgent | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.2.0 | CC: | jkudrnac, myarboro, rdickens, smumford, twells |
| Target Milestone: | --- | Keywords: | Documentation, Tracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-12-11 06:16:52 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1017679, 1017794, 1017805, 1017811, 1017812, 1017818, 1017825, 1017829, 1017831, 1017834, 1017846, 1017849, 1017851, 1020937, 1021607, 1089243 | ||
| Bug Blocks: | 999622, 1010473 | ||
|
Description
Ladislav Thon
2013-09-30 08:58:33 UTC
The DRAFT documentation for this feature can be found at [1] in the ECS documentation mangement system. The existing content is expected to be filled out significantly by the end of this week. [1] http://docbuilder.usersys.redhat.com/14874/#sect-Securing_the_Management_Interfaces_with_Role-Based_Access_Control I took a quick look and I want to point out two outstanding things (CCing Darrin who, I believe, is the author): 1. In "Persistent vs Runtime Configuration", I wouldn't use the term "runtime configuration" as it's really no configuration. Basically, configuration is what I can find in the XML (that's why "persistent"). The developers suggested a term which I believe is a lot more appropriate: "runtime state". This term is also used in the permissions matrix. 2. This documentation doesn't consider deployments to be "application resources" or even "resources". I believe that this is wrong; for example, you can revoke permissions to deployments from the Deployer role, and it's done in the same way you grant permissions to other application resources. At the very least, the "Application Resources" section should mention deployments, as they are by default accessible to the Deployer. Please, don't consider this to be a full QA review (the document isn't yet complete anyway), just a tiny hint provided slightly in advance. The documentation is no longer missing, so I'm renaming this bug to make it clear that it's used as a meta-bug. |