You are here: Web User Interface > Using the Interface > Security > Role Policies

Role Policies

Role policies are the set of activities that are permitted, for a given role, on each FME Server resource.

The Role Policies tab allows the administrator to adjust role membership in application resources by using checkboxes. This allows administrators to quickly assign role membership for a series of application resources.

Changes made in the Role Policies view are reflected in the Object Policies view and vice versa. Additionally, the Role Policies view provides a General category. This category provides more refined authorization for higher-level use cases.

Adjusting Role Membership

  1. To adjust role membership in a series of application resources, first choose a role from the pull-down menu.

  1. The view below will be populated with settings pertaining to the role you selected. To revoke access to an application resource from the role, uncheck the checkboxes corresponding to the application resource. To grant access to an application resource from the role, check the checkboxes corresponding to the application resource.
  2. Click the Apply Changes button. It is important to note that none of your changes will take effect until you click this button. (This is so you can review permissions settings before committing them to the server.)

General

This category controls top-level authorization of general functions in FME Server. Users without any of these top-level permissions (except Manage Engines) do not see the corresponding navigation link in the Web User Interface.

  • Manage Engines - Allows access to the Engines & Licensing page.
  • Manage Jobs - Allows the following on the Jobs page:
    • View jobs run by all users.
    • Cancel any job that is currently running.
    • Remove the history of jobs that were previously run.

    Note: Manage Jobs permission is not required for a user to view or cancel jobs they have run themselves. Manage Jobs permission is required to remove job history.

  • Manage Repositories - Allows access to the Workspaces page to manage repositories.
  • Note: Manage Repositories permission is not required to run a job from the Workspaces page. Only Run permission on the applicable repository is required (see Repositories).

  • Manage Schedules - Allows access to the Schedules page.
  • Manage Security - Allows access to the Security page.
  • Manage Services - Allows access to the Services page.
  • Manage Shared Resources - Allows access to the Resources page.
  • Manage Notifications - Allows access to the Notifications page.

Topics

Administrators have more refined control over authorization of topics. The permissions available are:

  • Read - Users are authorized to view topic information from FME Server.
  • Write - Users can edit topics from FME Server.
  • Publish - Users are authorized to publish notifications on topics in FME Server.
  • Remove - Users are authorized to delete topics—or subscriptions and publications bound to the topic—from FME Server

Resources

This category pertains to files stored in a Resources directory.

  • Download - Users are authorized to download files from this location.
  • Read - Users are authorized to read files from this location.
  • Write - Users can write to files in this location.
  • Upload - Users are authorized to upload files from this location.
  • Delete - Users are authorized to delete files in this location.

Services

Provides access to the FME Server Services.

Repositories

  • Download – Users are authorized to download workspaces and other repository items from FME Server into Workbench.
  • Read - Users are authorized to view repository information from FME Server.
  • Publish – Users are authorized to publish workspaces and other repository items to FME Server from Workbench.
  • Run – Users are authorized to run workspaces against FME Server
  • Note: Users must also be authorized to use the appropriate service (see Services) when running workspaces with that service.

  • Delete– Users are authorized to delete repository items from FME Server.

Administrators must uncheck all five permissions to completely remove the role from membership with the associated repository.

Connections

Provides access to Database Connections.

Applications

Provides access to desktop and web client applications that access FME Server.