Can we make a DTP project "public" without having to manually add a team or individual user?

ByronPhungByronPhung Posts: 13

In our desired environment, anyone with an LDAP account should be allowed to view the reports in a DTP project. We understand that there may be some security implications with this approach, but we also do not want to manually upkeep custom team/LDAP groups anytime there is a new user.

Tagged:

Best Answer

Answers

  • JromeroJromero Posts: 24

    Hi @ByronPhung it's possible but as you stated security will be in the way, and also if you don't create a special group all users from LDAP must be imported to DTP which can cause slow performance base in your LDAP users total, so in other words is possible can bring performance/security issues to the table.

  • ByronPhungByronPhung Posts: 13

    Thank you for the quick response, @Jromero! I definitely understand the concern with that. I should also mention that we already have LDAP connected to our DTP server, so any user with a domain account can already login to our server and we are not maintaining any additional accounts separately in DTP. All we are looking for is a way to allow users to view reports generated from a different machine, such as in a Jenkins build, for example, without having to add a "team" or "individual user" to the project directly, similar to how BitBucket offers a "Make repository public" option.

    Given your response, does that mean the answer is no?

  • ByronPhungByronPhung Posts: 13

    @Jromero Thanks for the confirmation. In that case, unless that option is offered in a future release, we will then have to consider an alternative approach or a different workflow.

  • Mark LambertMark Lambert Posts: 104 admin

    You can give a users (or group of users) access to all the filters/projects in Report Center by using a 'permissions' in User Administration.

    1. Under User Administration, search the Groups for the group that you are using to manage the users.
    2. Select the 'Permissions & Hierarchy' tab.
    3. In 'Add New Permission' select
    • Tool: grs
    • Name: project
    • Value: .* (+ check the 'regexp' option)
    1. Click 'Add', click 'Save'

    All users in that group should now have access to all projects in Report Center - but not be able to see the source or change the metadata for the violations. These are additional permissions:

    • grs.viewSourceCode
    • grs.prioritizeOwner
    • grs.prioritizeAll

    See Documentation: "Parasoft DTP 5.3.2 > Administration > User Administration > Assigning Native Permissions"
    https://docs.parasoft.com/display/DTP532/Assigning+Native+Permissions

  • ByronPhungByronPhung Posts: 13

    @Mark Lambert Thank you for the response, Mark! This is good information to know in case we want to isolate permissions by user or group.

    However, we are currently looking into applying permissions at a project-level, not user or group level. The method described above would require us to manually create a DTP Team, then add users to that team, and finally add that team to our desired project for the permissions to apply whereas we want to manage permissions per project, which would apply to all users by default.

  • Mark LambertMark Lambert Posts: 104 admin

    OK, so the way to support this would be to create a 'group' (e.g. 'Public Projects') and add the grs.project permission and set the value to the name of the project that you want to be viewed by everyone. Users would then would need to be added manually to this group. We are working on a set of REST APIs to make administration 'automate-able' but it's scheduled for 5.4.0 (Q1 2018)

Sign In or Register to comment.