Secure > Authorization > Customize default access control policies > Examples: Customizing access control policies using the Organization Administration Console
Example: Removing the ability of auction administrators to close auction bidding
By default, auction administrators for a store can modify or delete auctions for the store, as well as close bidding. In certain cases, you may not want to grant auction administrators the authority to close bidding, either because you want this action handled by others or because you do not require this action for the store.
In this example, we will remove the authority of auction administrators to close bidding.
To accomplish this change, we will do the following:
- Determine the resource-level policy that defines the actions that auction administrators can take.
- Determine the name of the action group for the policy.
- Delete the action for closing auction bidding from the policy's action group.
Identify the policy whose action group must be changed
- Identify the resource-level policy to be changed. The policy is:
AuctionAdministratorsForOrgExecuteAuctionManageCommandsOnAuctionResource
- From the Organization Administration Console, click Access Management > Policies.
- For View, select Root Organization to display the policies that it owns.
- Locate the policy in the list.
- Note the name of the policy's action group-- AuctionManage. This is the action group change to remove the action for closing bidding.
Remove the action for closing bidding from the policy's action group
- Click Access Management > Action Group.
- From the list of action groups, select AuctionManage.
- Click Change to display the Change Action Group page.
- From the Selected Actions list, select com.ibm.commerce.negotiation.commands.CloseBiddingCmd.
- Click Remove.
- Click OK.
Update the policy registry with the changes
- Open the Administration Console.
- Click Configuration > Registry.
- From the list of registries, select Access Control Policies .
- Click Update.