You are reading the documentation for an outdated Corteza release. 2023.9 is the latest stable Corteza release.

Permission Evaluation

The permission evaluation feature allows administrators to check which actions or operations can be performed by a user or a combination of roles. The evaluation entails comparing the different roles assigned to a user to determine the user’s ability to perform the various operations within a resource.

Corteza RBAC uses the roles of the given user to determine if they have access to a given resource.

How to evaluate applied permissions

Most of the Corteza resources allow you to define which roles are allowed to access the resource. Locate the permissions button in the user interface in order to manage the resource.

Annotated image

Navigate to the desired resource, and click the permissions.

Annotated image

Click the add + button. A popup window with two dropdown options displays, the select role(s) and search or select user.

Annotated image

Click on the select roles or the select user dropdown and select a role or a user to evaluate. Only one of two options can be applied.

Annotated image

Click on the save button.

Annotated image

If you chose role evaluation, repeat the step again, choosing a different role in order to evaluate the permissions applied to the different roles.

Annotated image

Permission Evaluation on Components

Corteza has three key resource components, namely: System, Compose and Automation. Each resource component has operations that are performed in it.

Permissions to the various operations within a component resource are subject to the roles assigned to a user.

Permissions can be evaluated by selecting a combination of roles or a particular user.

Follow these steps to access and evaluate the system, compose and automation permissions.

Navigate to your Corteza instance (such as local.cortezaproject.org) and click the Admin area application.

A new screen showing you all of the available components will appear. Each component has a permissions button.

Click on the permissions button on either system, compose or the automation component. A new screen appears that displays a list of all the available operations within a component.

Annotated image

Click on the add + button. A popup window appears with two dropdown options.

Annotated image

Click on the evaluate button and then click on the select roles or the select user dropdown and select a role or a user to evaluate. Only one of two options can be applied.

Annotated image

Click on the save button.

Annotated image

If you chose role evaluation, repeat the step again, choosing a different role in order to evaluate the permissions applied to the different roles.

Annotated image