Role Policies
Role policies are the set of activities that are permitted, for a given role, on each FME Server resource.
The Role Policies tab allows the administrator to adjust role membership in application resources by using checkboxes. This allows administrators to quickly assign role membership for a series of application resources.
Changes made in the Role Policies view are reflected in the Object Policies view and vice versa. Additionally, the Role Policies view provides a General category. This category provides more refined authorization for higher-level use cases.
Adjusting Role Membership
- To adjust role membership in a series of application resources, first choose a role from the pull-down menu.
- The view below will be populated with settings pertaining to the role you selected. To revoke access to an application resource from the role, uncheck the checkboxes corresponding to the application resource. To grant access to an application resource from the role, check the checkboxes corresponding to the application resource.
- Click the Apply Changes button. It is important to note that none of your changes will take effect until you click this button. (This is so you can review permissions settings before committing them to the server.)
General
This category controls top-level authorization of general functions in FME Server. Users without any of these top-level permissions (except Manage Engines) do not see the corresponding navigation link in the Web User Interface.
- Manage Engines - Allows Engine Management access.
- Manage Jobs - Allows access to the Jobs page.
- Manage Repositories - Allows access to the Workspaces page.
- Manage Schedules - Allows access to the Schedules page.
- Manage Security - Allows access to the Security page.
- Manage Services - Allows access to the Services page.
- Manage Shared Resources - Allows access to the Resources page.
- Manage Notifications - Allows access to the Notifications page.
Topics
Administrators have more refined control over authorization of topics. The permissions available are:
- Read - Users are authorized to view topic information from FME Server.
- Write - Users can edit topics from FME Server.
- Publish - Users are authorized to publish notifications on topics in FME Server.
- Remove - Users are authorized to delete topics—or subscriptions and publications bound to the topic—from FME Server
Resources
This category pertains to files stored in a Resources directory.
- Download - Users are authorized to download files from this location.
- Read - Users are authorized to read files from this location.
- Write - Users can write to files in this location.
- Upload - Users are authorized to upload files from this location.
- Delete - Users are authorized to delete files in this location.
Services
Provides access to the FME Server Services.
Repositories
- Download – Users are authorized to download workspaces and other repository items from FME Server into Workbench.
- Read - Users are authorized to view repository information from FME Server.
- Publish – Users are authorized to publish workspaces and other repository items to FME Server from Workbench.
- Run – Users are authorized to run workspaces against FME Server (from either services, Web UI or scheduler). NOTE: Users must also be authorized to use the appropriate service (see Services category) when running workspaces with that service.
- Delete– Users are authorized to delete repository items from FME Server.
Administrators must uncheck all five permissions to completely remove the role from membership with the associated repository.
Connections
Provides access to Database Connections.
Applications
Provides access to desktop and web client applications that access FME Server.