Security Right
- Last UpdatedJun 21, 2024
- 5 minute read
You can package and deploy the Security Right definition along with its associated and child artifact from one environment or repository to another environment or repository using the Package feature in AVEVA Work Tasks.
To add Security Right to Package Template
-
Navigate to the Repository Settings > Advance Settings > Manage Security Rights.
-
Select the Security Rights that you want to package.
-
Right-click and then select Add to Package Template from the shortcut menu. The Add to Package Template screen appears. For more information on adding artifacts to Package Template, see Adding Artifacts to a Package Template.
Note: You cannot add standard Security Rights to the Package Template.
Associated Artifacts for Security Right definition
Security Right can have the following Associated Artifacts:
-
Dynamic Lists
-
Parent Custom Security Right
Note: If Parent Security Right is a standard Security Right then it cannot be packaged as an associated artifact.
Child Artifacts for Security Right definition
Security Right can have the following Child Artifacts:
-
Custom Security Right
-
Configuration settings for Security Right
The Manage Security Rights definition has an unique set of configuration settings required for installing, updating, and uninstalling the Package. The configuration settings can be edited and viewed from the Source Environment > Package Template screen or Target Environment > Manage Package screen. The Settings tab of the Manage Security Rights definition artifact allows you to define the configuration settings. The Associated and Child Artifacts tab displays the associated and child artifacts of the Manage Security Rights definition respectively.
-
Settings
-
Associated Artifacts
-
Child Artifacts
Settings tab: The properties in this tab allows you to take appropriate actions while installing, updating, or uninstalling the Package.
Install: The settings in this tab is referred to when installing the Package.
-
Security Rights Exists: This property allows you to take appropriate action when the Security Rights definition specified in the package is already present in the target environment.
-
Do not install Security Right: Select this option if you want to use the Security Right definition that is present in the target environment.
-
Install to overwrite existing Security Right: Select this option if you want to overwrite the Security Right definition that is present in the target environment with the one in the package.
-
-
Associated Artifacts Not Present: This property allows you to take appropriate action when the associated artifacts of the Security Right is not present in the target environment.
-
Install Security Right: Select this option if you want to install the Security Rights artifact, even if the associated artifacts are not present in the target environment.
-
Do not install Security Right: Select this option if you do not want to install the Security Rights artifact as its associated artifacts are not present.
-
-
Update: The settings in this tab is referred to when the same Package is installed for the consecutive time.
-
Delete Security Right: Select this option if you want to delete the Security Right definition that is present in the target environment.
-
Yes: Select this option to remove the Security Right definition in the target environment. On selection of this option, the Security Right Is Modified option appears.
Security Right is Modified
-
Retain: Select this option to retain the Security Right definition along with the modifications, in the target environment even after the Package is updated.
-
Rollback: Select this option to roll back to the original state. All modifications that were done to the Security Right definition after it was installed in the target environment will be reverted. However, the Security Right definition will be retained in the target environment.
-
Delete: Select this option to delete the Security Right definition from the target environment when updating the Package.
-
-
No: Select this option to retain the Security Right definition in the target environment. On selection of this option, the Security Right Exists option appears.
Security Right Exists
-
Do not install Security Right: Select this option to use the Security Right definition that is present in the target environment.
-
Install to overwrite existing Security Right: Select this option to overwrite the Security Right that is present in the target environment with the one present in the package.
Associated Artifacts not present
-
Update Security Right: Select this option to update the Security Rights even though no associated artifacts are present.
-
Do not update Security Right: Select this option if you do not want to update the Security Right artifact as associated artifacts are not present.
Note: If the Security Right exists in target repository while installing or updating the package then you cannot overwrite the security right definition if any one of the following items values are modified:
-
-
-
Title
-
Right Code
-
Scope of the Right
-
Value for the Right
-
Follower-specific value for the Right
-
Is this Right applicable to its Follower items?
Changing the type of any of the above-mentioned rights may result in any of the following:
-
Loss of data
-
Compromise of security
-
Enforcement of wrong privileges.
For example: Consider a right called "CanDoTask" is of "AllowDisallow,RequiresApproval" type of right, and the "Security Workflow" is selected for a particular security group (Say xyz), then when a user, who belongs to the "xyz" security group, logs on and tries to perform the particular task (CanDoTask) then the "Security Workflow" will be triggered and it will be available in approver's (say manager's) Inbox. Once the approver approves the Work Item the particular task will be done based on its approval; if the approver rejects then the task will not be allowed to be completed as it is rejected by the approver.
In this scenario, if you try to modify the type of "CanDoTask" right to "AllowDisallow" then the privilege and grant or deny the right to the users is enforced, which is not right.
Uninstall: This settings in this tab is referred to when the Package is being uninstalled in the target environment.
-
Delete Security Right: This property allows you to decide if you want to retain or delete the Security Right definition in the target environment even after the Package is uninstalled.
-
Yes: Select this option if you want to remove the Security Right definition from the target environment when the Package is uninstalled.
-
No: Select this option if you want to retain the Security Right definition in the target environment even after the Package is uninstalled.
-
-
Security Right is Modified: This option allows you to decide if you want to retain, roll back to original state or delete the Security Right definition in the target environment even after the Package is uninstalled. This property is displayed only if Delete Security Right is set to Yes. However, if Delete Security Right is set to No, this property is not displayed.
-
Retain: Select this option if you want to retain the Security Right definition along with the modifications, in the target environment even after the Package is uninstalled.
-
Roll back to original State: Select this option if you want to roll back to the original state. All modifications that were done to the Security Right definition after it was installed in the target environment will be reverted. However, the Security Right definition will be retained in the target environment.
-
Delete: Select this option if you want to delete the Security Right definition from the target environment when uninstalling the Package.
-
Associated Artifacts
This tab displays all the associated artifacts of the selected Security Right definition.
Child Artifacts
This tab displays all the child artifacts of the Security Right definition.