Bug 1017825

Summary: Clarifications and small rewording suggested in the "Supported Roles" chapter
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Ladislav Thon <lthon>
Component: DocumentationAssignee: Dana Mison <dmison>
Status: CLOSED CURRENTRELEASE QA Contact: Ladislav Thon <lthon>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.2.0   
Target Milestone: GA   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Build Name: 14874, Administration and Configuration Guide-6.2-1 Build Date: 10-10-2013 14:56:59 Topic ID: 23151-544761 [Latest]
Last Closed: 2013-12-17 01:01:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1013506    

Description Ladislav Thon 2013-10-10 14:58:32 UTC 
Title: Supported Roles

Describe the issue:

Besides few clarification and rewording suggestions below, there is one somewhat bigger issue: the text is using a word "sensitive" that I believe wasn't defined. It is pretty important though (as there are some configuration elements that deal with it).

1. "The Operator role extends the monitor role"

2. "Administrator is the only role that has access to sensitive data and operations."

3. "This role can also configure the access control system, configure the data sensitivity levels, and assign resources as deployment resources."

4. "The Deployer role has the same permissions as the Monitor, but can modify configuration and state for deployments and any resource type enabled as an application resource."

Suggestions for improvement:

1. "The Operator role extends the Monitor role"

2. Clarify that the SuperUser is of course also allowed to access sensitive things.

3. Clarify that Administrator cannot configure the Auditor and SuperUser roles, because if he could, he could be able to make himself an Auditor or a SuperUser. Also, it's not "deployment resources" but "application resources".

4. If we start to consider deployments to be ordinary resources, like I suggest in bug 1017812, this would need to be reworded.