Next >

Tutorial: Defining write usage in Management Center

In this tutorial, you define a usage policy to determine whether a user has write access to instances of a business object. You create a Search Term Manager role that has write access to the search term association objects in the Catalogs tool. We can refer to Tutorial: Creating a user with the Recipe Manager role as a reference.

Management Center uses the usage policy to determine whether to display the menu item. The usage policy conveys how information is used by the client. An access control check is performed based on the usage information provided. You might want to limit the access of some business user roles. For example, we want a workspace Task Group Approver to have read-only access to some objects that are loaded by the Management Center framework. Use the tool level usage parameter to determine access to the tool for a user. Use the object level writeUsage parameter to determine write access to instances of the business object for a user.

usage

The usage attribute is specified in the definition of the application menu item. This attribute denotes the name of the usage policy used to determine access to the menu item in the Management Center. If there are no stores available to the user for a tool, that tool does not appear in the application menu. Once the tool is opened, the store selection drop-down menu populates with stores that match the current user and usage.

writeUsage

The writeUsage attribute is specified in the object definition. This attribute denotes the name of the usage policy used to determine whether the user has write access to instances of the business object. If the user does not have write access, the object is in read-only state. If the writeusage attribute is not specified in the object definition, then the usage that is specified for the tool is used. The user that has access to the tool also has write access to instances of the business object.

Learning objectives

After completing this tutorial, you should be able to perform the following tasks:

• Create a role in Management Center.

• Create a user and assign the new role to the user.

• Assign roles access to specific business tools.

• Update user groups for write access.

• Create access control policies for write usage.

Time required

This tutorial takes approximately 60 minutes to finish. If you explore other concepts related to this tutorial, the tutorial takes longer to complete.

Skill level

Advanced

Audience

This tutorial is intended for advanced WebSphere Commerce developers responsible for customizing the Management Center user interface.

Tutorial resources

Download the following file into a temporary directory in the development environment. This file includes the source code used in this tutorial for use as a reference.

• WriteUsage_sourcecode.zip

Results

After you complete this tutorial, we can open the Catalogs tool, edit search term association objects, but cannot edit other business objects that are in read-only mode.

Lessons in this tutorial

• Creating a user with the Search Term Manager role
  In this lesson, you create a Search Term Manager role and assign the role to a user. The Search Term Manager role is defined as you proceed through this tutorial. When our customization is complete, the Search Term Manager created is able to edit search term association objects.

• Enable a Search Term Manager to access the Catalogs tool
  In this lesson, you add the Search Term Manager role to existing user groups so that a user with that role can access the Catalogs tool.

• Create a user group for write access to business objects
  In this lesson, you create a user group that contains all the roles that can have write access to the business objects. Within this new ExtSearchTermAsociationManagersForOrg user group, you specify that the Category Manager, Product Manager, Seller, Marketing Manager, and Search Term Manager roles can manage search term associations.

• Create access control policy for write usage to the objects
  In this lesson, you set up write usage policies for our new user group so that users in the new user group have write access to the objects.

• Adding the new role to the store type mapping
  In this lesson, you learn how to create a customized configuration file to map the new usage to store types, and to map the store to the role type.

• Update the write usage of the object definition with the new usage
  In this lesson, you change the writeUsage value to use the new write usage in the object definition of the primary object.

• Testing our customization
  In this lesson, you test our customization result by verifying write access in Management Center by logging in as a user with a Search Term Manager role.

Next >