Bug 1013506 - RBAC documentation [META-BUG]
RBAC documentation [META-BUG]
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation (Show other bugs)
Unspecified Unspecified
unspecified Severity urgent
: ---
: ---
Assigned To: eap-docs
Ladislav Thon
: Documentation, Tracking
Depends On: 1017679 1017794 1017805 1017811 1017812 1017818 1017825 1017829 1017831 1017834 1017846 1017849 1017851 1020937 1021607 1089243
Blocks: 999622 eap62-beta-blockers
  Show dependency treegraph
Reported: 2013-09-30 04:58 EDT by Ladislav Thon
Modified: 2014-12-11 01:16 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-12-11 01:16:52 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ladislav Thon 2013-09-30 04:58:33 EDT
As of EAP 6.2.0.ER3, the documentation for RBAC is missing.
Comment 2 Russell Dickenson 2013-10-01 09:36:06 EDT
The DRAFT documentation for this feature can be found at [1] in the ECS documentation mangement system. The existing content is expected to be filled out significantly by the end of this week.

[1] http://docbuilder.usersys.redhat.com/14874/#sect-Securing_the_Management_Interfaces_with_Role-Based_Access_Control
Comment 3 Ladislav Thon 2013-10-02 06:36:14 EDT
I took a quick look and I want to point out two outstanding things (CCing Darrin who, I believe, is the author):

1. In "Persistent vs Runtime Configuration", I wouldn't use the term "runtime configuration" as it's really no configuration. Basically, configuration is what I can find in the XML (that's why "persistent"). The developers suggested a term which I believe is a lot more appropriate: "runtime state". This term is also used in the permissions matrix.

2. This documentation doesn't consider deployments to be "application resources" or even "resources". I believe that this is wrong; for example, you can revoke permissions to deployments from the Deployer role, and it's done in the same way you grant permissions to other application resources. At the very least, the "Application Resources" section should mention deployments, as they are by default accessible to the Deployer.

Please, don't consider this to be a full QA review (the document isn't yet complete anyway), just a tiny hint provided slightly in advance.
Comment 7 Ladislav Thon 2013-10-18 10:53:55 EDT
The documentation is no longer missing, so I'm renaming this bug to make it clear that it's used as a meta-bug.

Note You need to log in before you can comment on or make changes to this bug.