Author Topic: Controlling read only and read write access to a repository using WebEA (Read 5755 times)

Modesto Vega · « **on:** April 20, 2022, 07:47:17 pm »

We have a repository with model security enabled and accessible both via Sparx EA and WebEA, we want to give more users access to the repository via WebEA, specifically we want some users to have read only access and some users to have read/write access - i.e., they should be able to edit the notes and names of elements (including packages) and diagrams. We currently do not have a requirement to hide specific packages.

The plan is to create 2 groups to handle this 2 types of access.

The question I have is what permissions should each group be granted to achieve the above.

P.S.: I have posted here since this is a question about model security.

Modesto Vega · « **Reply #1 on:** April 30, 2022, 01:29:29 am »

It has been 9 days since I posted this and have had no reply. Somehow, I cannot believe we are the only one trying to this; any thoughts will be much appreciated.

P.S.: I will also raise a support ticket.

rwittmann · « **Reply #2 on:** May 27, 2022, 06:24:34 pm »

I have nearly the same query: what rights have to be granted to an SQL user so that he can open and read the repository, but not modify it?
EA will exit with an exception if the user has only SELECT rights...

Was the query answered by support already?

Modesto Vega · « **Reply #3 on:** May 27, 2022, 07:28:03 pm »

Quote from: rwittmann on May 27, 2022, 06:24:34 pm

[SNIP]
Was the query answered by support already?

In a very Sparxian fashion, we were provided with 3 links:

See Edit Objects - https://sparxsystems.com/enterprise_architect_user_guide/16.0/the_model_repository/webea_editobject.html

WebEA User guide - https://sparxsystems.com/enterprise_architect_user_guide/15.2/model_repository/webea_interface.html

Permission list - https://sparxsystems.com/enterprise_architect_user_guide/16.0/model_security/permissionlist.html

This does not quite address our question but after reading through this we granted WebEA read only users "Update Diagrams" and "Manage Issues" permissions. Curiously, they don't seem to be able to update diagram descriptions, the only operation they can perform through WebEA.

skiwi · « **Reply #4 on:** June 03, 2022, 01:30:41 pm »

We created two paths into the model from WebEA
E.g.
https://model.example.com/WebEA?m=1&o=9C50E176-CDFB-43ac-AD6B-739CB85929AF
and
https://model.example.com/WebEA?m=2&o=9C50E176-CDFB-43ac-AD6B-739CB85929AF

One provides read only access using a behind the scenes userid (with no password)
The other provides access using AD integration

Reference
Configure WebEA models - via Web Browser | Enterprise Architect User Guide (sparxsystems.com)

Modesto Vega · « **Reply #5 on:** June 09, 2022, 01:39:45 am »

Thank you for the reply, one quick question. Both models will be pointing to the same repository database and we have model security enabled. Are you saying that the we can configure the 2nd model to bypass model security?

skiwi · « **Reply #6 on:** June 09, 2022, 08:13:25 am »

In Sparx EA I configured a fixed user (whose name conveniently was 'View Only') to have read only rights, and no password.
In WebEA I specified that user for any access to the model using that model number.
So no bypassing the model, just leveraging the security model for the desired outcome.

Modesto Vega · « **Reply #7 on:** June 09, 2022, 06:08:41 pm »

Thank you, will give it a try.

Sparx Systems Forum

News: