In this lesson, you update the catalog service access control policy to grant all users
access to view the new catalog entry information. By default, only the users with a site
administrator role have access to the new data.
About this task
The new policy that you create in the following steps define a new action for the
MyCompany_All access profile that you created in the previous lesson. You new policy also adds the
new action to the CatalogEntry all users group. The access profiles for change, process, and sync
actions run after the access control check on the change, process, or sync action. Tip: Although the previous lesson also created the MyCompany_CatalogEntry_Update and
MyCompany_CatalogEntryDescription_Update access profiles, only those access profiles that are used
by Get commands need to be explicitly registered.
Procedure
-
In your file manager utility, browse to the
WCDE_installdir\xml\policies\xml directory.
-
Within the directory, create an XML file that is named
MyCompanyCatalogAccessControlPolicies.xml.
-
Open your new file for editing and add the following code to define your new access control
policy.
<Policies>
<Action Name="GetCatalogEntry.MyCompany_All" CommandName="GetCatalogEntry.MyCompany_All"/>
<ActionGroup Name="Catalog-CatalogEntry-AllUsers-AccessProfileActionGroup" OwnerID="RootOrganization">
<ActionGroupAction Name="GetCatalogEntry.MyCompany_All"/>
</ActionGroup>
</Policies>
-
Run the acpload command to load the access control policies:
-
Open a command prompt and go to the WCDE_installdir\bin
directory.
-
Run the acpload command by using the following command:
- Run the acpload command with the access control policy XML
file as the only
parameter:
acpload MyCompanyCatalogAccessControlPolicies.xml
acpload database db_user db_password inputXMLFile schema_name
Where:
-
database
- The name of the database.
-
db_user
- The name of the database user.
-
db_password
- The password for your database user.
-
inputXMLFile
- The XML file that contains the access control policy specification. In this case, specify
MyCompanyCatalogAccessControlPolicies.xml
.
-
schema_name
-
The name of the database user who created the database and owns the schema, in
uppercase.
The name of the user who owns the tables.
For example,
acpload mall dbuser dbuserpwd MyCompanyCatalogAccessControlPolicies.xml DBUSER
-
acpload db_host_name db_user db_password inputXMLFile (NON-NLS)
Where:
- db_host_name
- The fully qualified host name of the machine that hosts the development database.
-
db_user
- The name of the database user.
-
db_password
- The password for your database user.
-
inputXMLFile
- The XML file that contains the access control policy specification. In this case, specify
MyCompanyCatalogAccessControlPolicies.xml
.
-
Go to the WCDE_installdir/logs directory. Inspect the
acpload.log and messages.txt files to ensure that the
access control policy loaded successfully. The messages.txt file might not
exist if the load completed successfully.
Check that the following policy files were created successfully in the
WCDE_installdir/xml/policies/xml directory:
- MyCompanyCatalogAccessControlPolicies_idres.xml
- MyCompanyCatalogAccessControlPolicies_xmltrans.xml
These two files are created as part of a successful idresgen utility process. Any error files
that generate in this directory indicate that an error occurred during the loading process.