Skip to main content
Solved

Grant read only access to a user based on a role

  • January 11, 2024
  • 1 reply
  • 96 views
krlem
Contributor
Forum|alt.badge.img+4
  • krlemContributor
  • Contributor

I have a Flow/Server running, where users access it via SAML authentication. Each user is then assigned to a role with appropriate permissions for a team user belongs to.

While users have fmeauthor permissions on Test environment, we have a requirement that users can get read only access on Prod env. With this jobs are run by a system account on the Prod. The challenge here is to find a way to let users be able to view "their" job logs, review configuration or perhaps validate generated data in FME_SHARED_RESOURCE_DIR .

 

Is there a way to configure role in a way so a user can view all jobs, job logs, automations, resources, etc.? For example: speaking about jobs - from what I can see I can either grant Jobs/Access permission (so user can see jobs ran by the user only) or Jobs/Manage (which grants too wide permissions for read only access).

 

Version: FME Server 2022.2.4, Build 22792 - linux-x64

Best answer by kate-safe

Hi @krlem​ !

Thank you for your post!

Unfortunately, the standard security roles built into FME Flow do not allow this access. For some features, you can adjust the summary access to a view-only (e.g. Resources, Repositories, etc.) which will reduce the access and allow users to access, but not make any critical changes. This ability though is not available for all things, such as jobs. I would recommend creating an Idea in our community so that other users can vote on this and our team can look at implementing this in the future!

View original
Did this help you find an answer to your question?

1 reply

kate-safe
Safer
Forum|alt.badge.img+6
  • kate-safeSafer
  • Safer
  • Best Answer
  • January 15, 2024

Hi @krlem​ !

Thank you for your post!

Unfortunately, the standard security roles built into FME Flow do not allow this access. For some features, you can adjust the summary access to a view-only (e.g. Resources, Repositories, etc.) which will reduce the access and allow users to access, but not make any critical changes. This ability though is not available for all things, such as jobs. I would recommend creating an Idea in our community so that other users can vote on this and our team can look at implementing this in the future!

Kate B (Technical Support Specialist)

Reply


Helpful Members This Week

Community Stats

30,940
Posts
117,251
Replies
38,742
Members

Latest FME

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.