Administration Guide > Authorization System > Access to Objects

Access to Objects

Authorizations for users and user groups can be defined on objectAutomation Engine controlled activities and processes are structured in the form of objects. See also: Task level. By doing so, users and user groups obtain exclusive access rights to a particular object.

This is a very restrictive functionPre-defined run book template in the Automation Engine. One single step only, e.g. Start Windows Service, Copy file,… and should only be used in exceptional cases. If no access rights have been defined for an object,  it can be accessed by all authorized users. Objects including their properties play an important role in the authorization system.

When accessing an object, the system first checks whether the userIn the Automation Engine, a user is an instance of a User object, and generally the user is a specific person who works with Automic products. The User object is assigned a user ID and then a set of access rights to various parts of the Automation Engine system and product suite. These access rights come in the form of Automation Engine authorizations and privileges, Decision user roles and EventBase rights and ARA web application object rights. You can manage all these centrally in the ECC user management functions. See also, Unified user management. has the relevant right in the User object. If so, the access rights are subsequently checked on object level.

Object authorizations are called using the Properties command from the File menu or Explorer's context menu. Access is only granted to users who have a write permission (W) for the particular object.

On object level, you can only define access rights. These rights describe the functions that are available for a particular user or all members of a user groupA group of users who have a common profile of rights. A particular object type in the Automation Engine. User groups are an organizing construct to help you better manage users because you can grant user groups access rights the same way that you grant various access rights to a single user. All users in the user group are automatically given those access rights. This makes managing users not only more efficient but also more secure because working with user groups gives you a better overview of what rights are assigned.. As soon as authorizations have been assigned to a particular object, access is denied to all other users and user groups . At least one user or user group must have write access to this object as otherwise, authorizations cannot be modified anymore. A dialog informs about this requirement when authorizations are defined.

The access type can be selected or unselected using the space bar or the mouse button. Click Apply in order to activate access rights immediately.

Table column

Description

R

Access type: Read

W

Access type: Write

X

Access type: Execute

D

Access type: Delete

C

Access type: Cancel

S

Access to statisticsThis is a list of a task's previous runs.

P

Access to reports

M

Access type: Modify at runtimeThe duration of a task's execution. It refers to the period between a task's start and end. It does not include its activation period (see also: activation and start).

L

Allows Service Orchestrator (SVO) users to define Automation EngineThis component drives an Automation Engine system and consists of different types of server processes. SLAs for objects with the allowed object types.

Problems can arise if objects are transferred to other AE systems or clients which include individual access rights that are defined in their properties. These transferred objects cannot be accessed unless all specified users and user groups are also available in the new environmentAn Environment consists of Deployment Targets which represent your endpoints. Different environments are used for different phases in the software delivery cycle, for example Development, QA, Staging, Production. An environment is typically set up once and used by several applications..

 

 


Automic Documentation - Tutorials - Automic Blog - Resources - Training & Services - Automic YouTube Channel - Download Center - Support

Copyright © 2016 Automic Software GmbH