Secure > Authorization > Customize default access control policies > Define access control policy elements using XML
Protect controller commands
All controller commands require a role-based access control policy in order to be executed. A controller or task command also requires a resource-level policy if the command is doing resource-level checking.
For more information see Protect resources. The following example displays a role-based policy for controller commands:
<Policy Name="SellersExecuteSellersCmdResourceGroup" OwnerID="RootOrganization" UserGroup="Sellers" ActionGroupName="ExecuteCommandActionGroup" ResourceGroupName="SellersCmdResourceGroup" PolicyType="groupableStandard"> </Policy>
The ActionGroupName, ExecuteCommandActionGroup, indicates that this is a role-based policy for controller commands. The policy states that users in the Sellers access group can execute the commands in the SellersCmdResourceGroup, resource group.
The following is an example of the SellersCmdResourceGroup resource group definition:
<ResourceGroup Name="SellersCmdResourceGroup" OwnerID="RootOrganization"> <ResourceGroupResource Name="com.ibm.contract.commands.ContractCancelCmdResourceCategory"/> <ResourceGroupResource Name="com.ibm.contract.commands.ContractCloseCmdResourceCategory"/> <ResourceGroupResource Name="com.ibm.contract.commands.ContractCreateCmdResourceCategory"/> </ResourceGroup>
The preceding example shows the following three resources in the resource group, that each correspond to a controller command:
- com.ibm.contract.commands.ContractCancelCmdResourceCategory
- com.ibm.contract.commands.ContractCloseCmdResourceCategory
- com.ibm.contract.commands.ContractCreateCmdResourceCategory
The following is a sample definition of a resource:
<ResourceCategory Name="com.ibm.commerce.contract.commands.ContractCloseCmdResourceCategory" ResourceBeanClass="com.ibm.commerce.contract.commands.ContractCloseCmd"> <ResourceAction Name="ExecuteCommand"/> </ResourceCategory>
The Name attribute, com.ibm.commerce.contract.commands.ContractCloseCmdResourceCategory, is used as a tag to refer to the resource in the XML file. The ResourceAction Name, ExecuteCommand, is used to specify the actions that can operate on the resource. This information is used in the Administration console when using access control policies to populate the Action selection box that corresponds to a particular resource. In this case, the action Execute is specified. The Execute action is defined in the following:
<Action Name="ExcecuteCommand CommandName="Execute"> </Action>
The interface name of the controller command must match the ResourceBeanClass in the resource definition. The value of the ResourceBeanClass is stored in the RESCLASSNAME column of the ACRESCGRY table. These commands can be used as resources because they extend the ControllerCommand interface, which extends the AccCommand interface, which in turn extends the Protectable interface.
- Add a new controller command using existing policies
To add a new controller command to be accessed by a new role, that has an existing role-based policy, create an XML file.
- Add a new controller command using a new policy
To add a new controller command to be accessed by a new role, that does not have an existing role-based policy, create an XML file.
- Modify the command-level access control for a controller command
Based on the default access control policies, the UserRegistrationAdminAddCmd command cannot be run by users who only have the Marketing Manager role. The following scenario describes the steps needed to modify the existing policies so that these users can perform this command. Use the steps in this scenario and customize them to the own requirements.
- Modify the resource-level access control of an existing policy
For commands that require resource level access control, they return the protected resources that they are going to access in the command's getResources() method. This triggers a resource level access control check by the WebSphere Commerce access control framework. WebSphere Commerce will search for an access control policy in the system with an Action Group that includes the action that is equal to the current command; in this example com.ibm.commerce.usermanagement.commands.UserRegistrationAdminAddCmd. The policy's Resource Group must also include the resource that was returned in the getResources() method. In this case, the UserRegistrationAdminAddCmd command does implement the getResources() method and it returns the organization to which the new user is going to be registered.