| Oracle® Fusion Middleware Configuration Guide for Oracle Enterprise Repository 11g Release 1 (11.1.1.4.0) E16580-06 |
|
 Previous |
 Next |
| Oracle® Fusion Middleware Configuration Guide for Oracle Enterprise Repository 11g Release 1 (11.1.1.4.0) E16580-06 |
|
Previous |
Next |
This chapter provides an overview of the basic configurations required to use Oracle Enterprise Repository.
This chapter contains the following sections:
In Oracle Enterprise Repository, all users are assigned roles. Roles define the Oracle Enterprise Repository functionality that can be exercised by each user. In order for a user to access any files associated with assets in Oracle Enterprise Repository, the user must be assigned to a project.
Projects are the primary means of gathering metrics in Oracle Enterprise Repository. Oracle Enterprise Repository tracks assets produced by projects, as well as assets consumed by projects. Oracle Enterprise Repository users are assigned to projects, and when a user submits a new asset, they are prompted for the producing project. Similarly, when a user wants to reuse an asset, they are prompted for the project on which the asset is reused. Both Users and Projects are assigned to Departments. This is convenient from a reporting standpoint, as organizations can then track the production and consumption of reusable assets to a specific department.
Figure 1-1 describes the relationships between Users, Roles, Projects, Assets, and Departments.
You need to set up or create departments before creating users and projects. This section contains the following topics:
To create a new department, perform the following steps in the Oracle Enterprise Repository Admin screen:
In the left panel, click Departments.
Click Create New. The Create New Department dialog is displayed.
Enter the appropriate information in each of the text boxes.
When finished, click Save.
To edit a department information, perform the following steps in the Oracle Enterprise Repository Admin screen:
In the left panel, click Departments.
Click List All, or search for a particular department.
Select the department to be edited from the list in the right panel. The department's detail is displayed.
Click Edit in the department detail. The Edit Department dialog is displayed.
Update the text boxes as required.
When finished, click Save.
This section describes the following topics:
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the left panel, click Users.
Click Create New in the Users section. The Create New User dialog is displayed.
Enter the appropriate information in each of the text boxes in the Overview section, as shown in Figure 1-3.
Select Active in the Status list.
In the Roles section, assign roles to the new user by using the >> and << buttons to move items from the Available Roles column to the Selected Roles column, as shown in Figure 1-4. (The User role is the default role for all new users.)
In the Departments section, assign the new user to departments by using the >> and << buttons to move items from the Available Departments column to the Selected Departments column, as shown in Figure 1-5.
When finished, click Save.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the Users section, use Search or List All to locate the user(s) to be viewed.
The list of users is displayed in the main pane, as shown in Figure 1-6.
Select a user from the list. The user's information is displayed in the lower pane.
Click Hide/Display Search Results button to expand the User detail to fill the main pane.
Click the first button in Figure 1-6 to switch to the tabbed view of the User detail.
Click the first button in Figure 1-7 to switch back to the standard view of the User detail.
Click the second and third button in Figure 1-7 to scroll through the list of users.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
Enter appropriate text in the Name text box.
Use the Department, Role, and Status lists as appropriate to narrow the search.
Click the Search button. Search results appear in the list in the upper frame of the main pane.
Cloning a user provides an easy way for administrators to quickly duplicate user accounts.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the Users section, use Search or List All to locate the user to be cloned.
Click the Clone button in the user detail.
The Clone User dialog is displayed. The Overview section is blank, but information in the Roles and Departments sections duplicates that of the cloned user.
Enter the appropriate information in each of the text boxes in the Overview section.
If necessary, edit the information in the in the Roles and Departments sections by using the >> and << buttons to move items between the Available and Selected columns.
When finished, click Save.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the Users section, use Search or List All to locate the user(s) to be edited. The list of users opens in the main pane.
Select a user from the list. The user's information is displayed in the lower pane.
Click the Edit button in the user detail. The Edit User dialog is displayed (same form as the Create New User and Clone User dialogs).
Make changes as necessary in the Overview, Roles, and Departments sections.
When finished, click Save.
Projects are the primary means of gathering metrics in Oracle Enterprise Repository. Oracle Enterprise Repository tracks assets produced by projects, as well as assets consumed by projects. Oracle Enterprise Repository users are assigned to projects, and when a user submits a new asset, they are prompted for the producing project. Likewise, when a user wants to reuse an asset, they are prompted for the project on which the asset is reused. This allows Oracle Enterprise Repository to generate reports on the reuse savings per project. It also allows Oracle Enterprise Repository to report on the savings generated by asset production teams. Projects are also hierarchical, which allows organizations to, for example, establish a program that may spawn many projects.
Projects are also a channel for governance practices. Oracle Enterprise Repository Compliance Templates (usually taking the form of Architecture Blueprints or Project Profiles) can be applied to projects.
The Oracle Enterprise Repository Projects page provides access to tools for creating and managing projects.
Project information may be displayed as a series of portlets or tabs:
Overview
Includes a project Description, and indicates the assigned Department, Start Date, Estimated Hours, and project Status.
Displays the Compliance Template(s) assigned to the project.
Lists any assets used in (or under consideration for use in) the project.
Click the Zoom icon next to any listed asset to display its Reported Asset Value.
Project members can view the Asset Usage Detail.
Project leaders can view/edit the Reported Asset Value.
Figure 1-10 Reported Asset Value of Asset
Reported Asset Value represents the hours saved by reusing assets on their projects. This value is derived from either the Predicted Value, Consumer Value, or a completely new value determined by the project leader. Only the project leader can set this value.
Lists any assets produced by the project.
Lists all users associated with the project, as well as each user's role on the project (leader/members). Project leaders have the ability to assign a Reported Asset Value value to assets consumed by the project.
Related Projects
When enabled, lists any related projects, and defines the relationships in parent/child terms.
This procedure is performed in the Projects screen.
In the left panel, click Create New. The Create New Project dialog is displayed.
Enter the appropriate information in the Name, Description, and Estimated Development Hours text boxes.
Click the ... button to open the calendar to select a Start Date.
Select a department from the Department list.
Select the appropriate status in the Status list. There are two options that you can select from - Open and Closed. An Open status indicates that the project is still open for changes. A Closed status would mean that the project is closed and is not open for changes.
If necessary, select Automatically Assign to New Users.
Click Edit in the Users section. The Add/Remove Users dialog is displayed, as shown in Figure 1-14.
Use Search or List All Users to display a list of users in the Search Results section. Use the Department list to filter search results.
Use the >> and << icons to move users between the Search Results, Project Leaders, and Selected Users sections.
Click OK. The assigned Project Leaders and Project Members appear in the Users section of the Create New Project dialog is displayed.
Click Save. The Create New Project dialog closes, and the new project detail appears on the Projects page.
This procedure is performed in the Projects page.
Use Search or other means to locate the project to be edited.
Click Edit in the project detail.
Edit the project information as necessary. (See Section 1.4.2, "Creating a Project").
This procedure is performed in the Projects page.
Select the Users tab.
Click Reassign Users/Usage. The Reassign dialog is displayed.
Use the options to select the appropriate action.
Click Choose a New Project. The Search for a Project dialog is displayed.
Use Search or List All Projects to display a list of projects.
Select the project to which the users and/or usages are to be reassigned.
Click OK.
Click Next. The Select users you wish to reassign dialog is displayed.
Use the >> and << icons to reassign users as Project Leaders and/or Project Members.
Click Next. A confirmation message appears.
Click Done.
This procedure is performed on the Projects page.
Enter a keyword or search term in the Name text box.
Use the Department and Status lists as necessary to filter the search.
Click Search. Search results are listed in the main pane.
This procedure is performed on the Projects page.
Select the project to be closed. The project detail is displayed in the bottom frame.
Click Edit. The Edit Project dialog is displayed.
Select Closed from the Status list in the Overview section of the Edit Project dialog, as shown in Figure 1-20.
Click Save. If the project has consumed assets, the Update Usage Status dialog is displayed, as shown in Figure 1-21. The consumed assets are listed in this dialog, each with a Status list.
Update the status of each consumed asset as necessary.
|
Note: Depending on the specific role and permissions assigned to the project leader, certain assets consumed by the project does not appear in the list. If this is the case, anATTENTION message appears in the Update Usage Status dialog. Be advised: Only the project members listed below the ATTENTION message can reject the asset. Otherwise, clicking OK in the Update Usage Status dialog sets the status of any hidden assets to Deployed. |
When the Update Usage Status pop-closes the view returns to the Edit Project dialog.
Click Save. The project is closed.
The Project Relationships feature enables you to map the relationships between projects on a parent/child basis.
This procedure is performed on the Projects page.
Click List All on the Projects page, as shown in Figure 1-22.
A list of projects appears in the top section of the main pane, as shown in Figure 1-23.
Select the project to be edited. The Project Detail pane is displayed in the bottom section of the main pane, as shown in Figure 1-24.
Click Edit in the Project Detail pane. The Edit Project dialog is displayed, as shown in Figure 1-25.
Click Edit in the Related Projects section of the Edit Projects dialog. The Add/Remove Projects dialog is displayed, as shown in Figure 1-26.
Click List All Projects. A list appears in the Available Projects window.
Select the project to be added and use the >> icon to move it to either the Parent Projects or the Child Projects category window, as appropriate. The project appears in the selected window.
Click OK to close the Add/Remove Projects dialog. The new project relationship appears in the appropriate list in the Related Projects section of the Edit Project dialog, as shown in Figure 1-27.
Click OK to close the Edit Project dialog. The new project relationship appears in the Related Projects section of the Asset Detail, as shown in Figure 1-28.
Project relationship are also displayed in the Oracle Enterprise Repository Navigator.
Clicking the Roles link in the Oracle Enterprise Repository menu bar allows administrators to set up roles for an organization's various functions. Oracle Enterprise Repository access settings are established for each role, and each user is assigned a specific role based on his/her function within the organization.
Users assigned the admin role have unlimited access to all Oracle Enterprise Repository functions. By default, in either a new installation or a migration from a previous version, the user account identified as admin is assigned the admin role in order to facilitate initial installation and configuration. It is highly recommended that you limit the assignment of admin privileges to the original Oracle Enterprise Repository* user account and no more than one additional account. The various default roles established in Oracle Enterprise Repository offer a variety of privileges to satisfy the functions and responsibilities for any and all Oracle Enterprise Repository users. These roles may be customized to suit the particular needs of your organization.
The various default roles shipped with Oracle Enterprise Repository are listed below. Users with access to the Admin tab can change role names to suit organizational needs. The permissions granted to these roles can be changed in the Access Settings section.
User
Anyone with an Oracle Enterprise Repository user name and password is considered to be a user. This role can be assigned as the default role for any new users at the time the user is created. All Oracle Enterprise Repository users can:
View news about the company's reuse initiatives
Locate, evaluate, and use/download assets
View projects
Generate reports
Submit assets to the registrar
Access Administrator
The access administrator creates all Oracle Enterprise Repository users, and assigns permissions to them. The access administrator must be familiar with the functions of the Admin Tab. Typically, access administrators can:
Create, view, and edit users and permissions
Generate reports
Advance Submitter
The advanced submitter role is typically assigned to asset builders and harvesters. Asset builders focus on building the asset content base. They respond to organization-wide asset needs as well as individual project needs. Harvesters study post-implementation projects for asset reuse potential. Typically, advanced submitters can:
Locate, evaluate, and use/download assets
View projects
Generate reports
Submit assets to the registrar
Edit asset metadata prior to asset registration
Registrar
The registrar is responsible for the acceptance or rejection of any asset. There may be more than one person functioning as a repository registrar, depending on the functions addressed. Typically, registrars can::
Locate, evaluate, and use/download assets
View projects
Generate reports
Submit assets to the registrar
Edit asset metadata prior to asset registration
Accept assets for the registration process
Approve tabs
Register assets
Edit access settings
Registrar Administrator
The registrar administrator is able to establish Types within Oracle Enterprise Repository, using the Type Manager. Typically, registrar administrators can:
Locate, evaluate, and use/download assets
View projects
Generate reports
Submit assets to the registrar
Edit asset metadata prior to asset registration
Accept assets for the registration process
Approve tabs
Register assets
Edit access settings
Edit Artifact Stores and Types
Project Administrator
Oracle Enterprise Repository tracks asset use at the project level in order to maintain a history for maintenance purposes. Project administrators create projects and assign users to projects using the Projects tab. Project administrators can close projects, indicate which assets were deployed, review, validate, and optionally override the predicted and consumer-reported value of assets used in a project through the project-reported asset value user interface. Typically, project administrators can:
Create, edit, and View projects
Generate reports
System Administrator
The system administrator configures Oracle Enterprise Repository for use, including, possibly, installation as well as the post-installation configurations. The system administrator typically can:
Enable and edit system settings
Generate reports
(The system administrator role should not be assigned to general users.)
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the left panel, click Roles. The Roles section is displayed, as shown in Figure 1-29.
Click Create New. The Create New Role dialog is displayed, as shown in Figure 1-30.
In Figure 1-30, enter a role name and description in the text fields in the Overview section.
If necessary, select the Automatically assign to new users? box.
Click the Edit Users in the Users section. The Add New Users dialog is displayed, as shown in Figure 1-31.
Use Search or click List All to locate users.
Use the >> and << buttons to move users between the Available Users and Selected Users columns.
When finished, click Save.
To add access settings to the role, see Section 1.6.1, "Granting Permissions to a Role".
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the left panel, click Roles. A list of roles is displayed in the main pane, as shown in Figure 1-32.
Use Search or browse the list to locate the Role to be edited.
Click the role to display its information in the lower pane.
Click the Edit button in the role detail (bottom frame). The Edit Role dialog is displayed, as shown in Figure 1-33.
When finished, click Save.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
(Requires the Delete permission. See Access Settings.)
In the left panel, click Roles. A list of roles is displayed in the main pane.
Use Search or browse the list to locate the role to be deleted.
Option 1:
In the list in the upper frame, place a check in the box next to each role to be deleted.
Click Delete.
Option 2:
Select the role in the list in the upper pane to display its information in the lower pane.
Click the Delete button in the role detail (lower frame).
Click OK in the delete confirmation.
|
Note: Deleted roles no longer appear in Access Settings. |
Access Settings allow the administrator to assign permissions to each role. Access settings identify the functions and responsibilities of a role, and determine each role's level of access to assets and asset management features in Oracle Enterprise Repository.
System safeguards prevent an administrator from inadvertently modifying permissions in such a way that would prevent his/her subsequent access to Access Settings.
Basic Access Settings (BAS)
Control the access to assets in Oracle Enterprise Repository across the board, based on the roles to which users are assigned. Access to Oracle Enterprise Repository tools, such as the Asset Editor or the Type Manager, is similarly controlled. Basic Access Settings establish access across the system. For example, permission to view assets applies to all assets; as does permission to Use/Download assets.
Custom Access Settings (CAS)
Establish Advanced Role-based Access Control to restrict access to specific assets or groups of assets in Oracle Enterprise Repository to specific user roles.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the left panel, click Basic Access Settings.
Select the appropriate grouping from the list in the Basic Access Settings section.
The selected grouping's access settings are displayed in the main pane.
Click the Edit button (upper right corner of the main pane.) The Edit Basic Access Settings for:... dialog is displayed.
Roles are listed on the left; Permissions are listed along the top.
Select the appropriate option to determine which roles are displayed.
Select the role to which permissions are to be granted.
Use the check boxes to assign the appropriate permission.
One click on an empty box adds a check mark (Granted)
A second click adds an X (Denied).
A third click clears the box (Not Granted).
When finished, click Save.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the left panel, click Basic Access Settings.
Select the appropriate grouping from the list in the Basic Access Settings section.
The selected grouping's access settings are displayed in the main pane.
Click the View Access button (upper right corner of the main pane). A message dialog is displayed.
Figure 1-38 View Access for Basic Access Settings for Assets
Click Configure. The Search / Filter Users and Access Settings dialog is displayed.
Figure 1-39 Search / Filter Users and Access Settings
Use Search or click List All in the Find Users section to locate the user(s) whose permissions are to be verified.
Use the >> button to move user(s) from the Available Users column to the Selected Users column.
Click OK. The selected user's access settings are displayed.
If multiple users are selected, clicking the > icon next to a user's name displays information specific to that user.
When finished, click Close.
Role-based Access Control (RBAC) allows Oracle Enterprise Repository to track asset usage and production on a by-user basis and personalizes the presentation of assets, limiting visibility to designated portions of Oracle Enterprise Repository. However, Role-based Access Control is not intended to provide security for asset metadata, nor is it intended to supplement the security of underlying asset repositories.
Oracle Enterprise Repository access settings provide no additional security for otherwise unsecured assets or data. For maximum security, asset metadata should be managed in a manner that prevents access to the metadata via an unsecured repository. Confidential information should be embedded in the asset's payload, or attached as documentation files and hosted in a secure repository.
If you choose to circumvent an authentication and permission challenge from the underlying asset repository, you do so at your own risk.
The following actions also have security implications:
Configuring SCM systems for access via a single Oracle Enterprise Repository user account
Allowing system access by unapproved users
Creating guest account logins
Guest accounts are strictly forbidden under the Oracle Enterprise Repository license.
Any of these actions has the potential to open the contents of Oracle Enterprise Repository to anyone with network access to Oracle Enterprise Repository.
Depending on the Access Settings in use, users with access to the Asset Editor may be able to see relationships to assets that are otherwise invisible to them in the registry. In this situation, the name of the hidden asset is visible, as is the detail of the relationship between that asset and an asset to which the users have access. No other information on the hidden asset is visible in the Asset Editor. In this situation, it is possible to delete the relationship between the visible and the hidden asset. However, given that the invisible asset is inaccessible to the users in question, the relationship cannot be restored by those users.
Permissions may be:
Granted (Permission is explicitly granted)
Denied (Permission is explicitly denied)
Not Granted (Permission is not explicitly granted nor denied.)
The table below identifies permissions that may be managed within Basic Access Settings.
Assets: Tools regulated: Oracle Enterprise Repository Asset screen, Asset Editor, Type Manager.
| Permission | Description |
|---|---|
| View | Assets may be viewed in Oracle Enterprise Repository. |
| Use | Displays/enables the Use - Download button in Oracle Enterprise Repository. |
| Download | Asset files may be downloaded. Provides visibility to file links after pressing the Use - Download button. |
| Review | Reviewing assets using Oracle Enterprise Repository. |
| Edit | Editing assets in the Asset Editor. |
| Accept | Accepting assets. This button, in the Asset Editor, moves assets from the Submitted -- Pending Review to the Submitted -- Under Review queue. |
| Approve Tabs | Approving metadata for assets. This button is available at the bottom of each tab in the Asset Editor display of each asset. Approving a tab logs the name of the approver and the date in the metadata, moves the asset out of the Submitted - Under Review queue for that tab, and changes the tab's text label to green. |
| Register | Registering assets. This permission providers the user with the ability to register all assets in the Asset Editor. |
| Edit Access Settings | Applicable only with Custom Access Settings. Provides the ability to assign Custom Access Settings to assets and files. |
| Create/Submit | Gives a user the ability to submit assets through or create new assets through the Asset Editor. |
| Launch Asset Editor | Gives a user the ability to open the Asset Editor tool. One must use this tool to edit and register assets. |
| Edit Artifact Store | Gives a user the ability to create and edit artifact stores (through the Asset Editor). |
| Edit Types | Gives a user the ability to configure asset type/compliance template metadata. Requires the Launch Asset Editor permission. |
| Notify | Determines if the user is allowed to send an ad-hoc email to users. |
| Global Permissions | These are permissions that do not apply to individual assets and cannot be overridden by custom access settings. |
Access: Tools regulated: Oracle Enterprise Repository Admin screen: Users, Sessions, Roles, Departments, File Stores, Basic Access Settings, Custom Access Settings
| Permission | Description |
|---|---|
| View | Viewing entries in the sections noted above. |
| Edit | Editing entries in the sections noted above. |
| Create | Creating users, roles, departments, file stores, and custom access settings. |
| Delete | Deleting sessions, roles, and custom access settings. |
Projects: Tools regulated: Oracle Enterprise Repository Projects screen
| Permission | Description |
|---|---|
| View | Viewing projects on the Projects page. |
| Edit | Editing projects on the Projects page. |
| Create | Creating projects on the Projects page. |
| Apply Template | Apply a compliance template to a project. |
Policies: Tools regulated: Oracle Enterprise Repository Asset screen
| Permission | Description |
|---|---|
| Apply Policy | Allows user to apply a policy to other assets. |
Reports: Tools regulated: Oracle Enterprise Repository Reports screen
| Permission | Description |
|---|---|
| View | Viewing reports. |
System Administration: Tools regulated: Oracle Enterprise Repository Admin screen: System Settings, Email Templates.
| Permission | Description |
|---|---|
| Edit | Ability to edit general, security, authentication, and file store settings. |
| Enable | Ability to enable new general, security, authentication, and file store settings. |
Sessions allows the administrator to see which users are logged in to Oracle Enterprise Repository and, if necessary, shut down a user session.
This procedure is performed on the Oracle Enterprise Repository Admin screen.
In the left panel, click Sessions. A list of sessions is displayed in the main pane, as shown in Figure 1-41.
Select the session to be deleted from the list in the main pane. The session's detail opens in the bottom frame.
Click the Delete button in the session detail. A confirmation dialog is displayed.
Click OK. The session is deleted.
In the list of session in the main pane, place a checkmark next to each session to be deleted. (Place a checkmark in the check box at the top of the column to select all listed sessions.)
Click the Delete button in the session detail. A confirmation dialog is displayed.
Click OK. The session is deleted.
(Requires the Delete permission. See Section 1.6, "Access Settings".)
|
 Copyright © 2008, 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
