Roles

SelectUser Management > Roles.

A role is a group of one or moreUsers.

For more information about users and roles inFME Flow, seeRole-Based and User-Based Access Control.

The default columns displayed in the Roles table are:

  • Name- Name of the role.
  • Users- User accounts assigned to the role.

FME Flowprovides a set of default roles:

Role Description User

fmeadmin

Provides full access toFME Flow, including the Web User Interface.

 admin

fmeauthor

Providesworkspaceauthors access toFME Flowto publish, author, and test newworkspaces.

 author

fmeguest

Provides unauthenticated access to run jobs via Web Service URLs.

 guest
fmesuperuser Authorized to access all resources ofFME Flow, including existing and newly-created resources. admin
fmeuser Provides users access to the Web User Interface and Web Services. user

Adding and Removing Roles

To add a role, clickNew. Alternatively, select an existing role and clickDuplicate. A dialog displays to add a new role. This dialog is similar to Configuring an Existing Role, below.

To remove a role, select it and clickRemove.

Note  "> NoteYou cannot remove the fmesuperuser role.

Configuring an Existing Role

To configure an existing user role, click an entry in the Roles table. The Edit Role page opens. Configure the following settings, and clickOKto save your changes.

Associated Users

To assign users to the role, click inside the field and select a user in the drop-down. To remove users from the role, click the "x" beside the user name.

Permissions

You can give a role access to different functions inFME Flow. Check the box beside a function to grant access.

Optionally, you can add permissions to match those from an existing role. ClickLoad Template. On the Load Template from Role dialog, select the role from which to load permissions, and clickOK. This option adds any additional permissions that are not already granted. No permissions are removed. You can clickLoad Templatemultiple times to add permissions from more roles.

There are two levels of permissions:

  • General: Allows users of the role to view the corresponding navigation link in the Web User Interface, along with select management functions, depending on the category. For example, ifAccessis checked besideRepositories, users can access the Repositories page. Additionally, ifCreateis checked, users can create repositories on the Repositories page.
  • Item: Allows users of the role specific permissions on items within functional categories. To view items, click the drop-down icon of a category (v). For example, when you expand the Repositories category, you see the individual repositories on yourFME Flow, along with the permissions that can be granted for each one.

The following is a detailed explanation of general- and item-level (where applicable) permissions for each category:

  • Access: Access theAutomationspage, and list workflows and tags.
  • Create: Create workflows.

    • Individual Automations:

    • Read: View a workflow and its log file.
    • Write: Edit or remove a workflow.
    • Run: Start and stop a workflow.
    • Apps: Run a workflow through anautomation app.
    • Webhooks: Access a URL generated by aWebhooktrigger that requires authentication.
    Note  "> NoteAutomations requires additional permissions. You are prompted to grant any additional permissions that are required.

Manage: Access and manageBroadcast Messages.

  • Access: Access theDatabase ConnectionsandWeb Connectionspages.
  • Create: Create connections.
  • Manage: Access, create, and remove connections.

    • Individual Connections:

    • Access: Manage web services.
  • Access: Access theJobspage to view the jobs you have run, or cancel any of your jobs that are currently running or in queue.
  • Manage: Access and manage the jobs of all users. You can:
    • Cancel any job that is currently running.
    • Remove the history of jobs that were previously run.
  • Upload: Allow publishing FME packages fromFME FormtoFME Flow.
  • Access: Access theProjectspage.
  • Create: Create projects.

    • Individual Projects:

    • Read: View information about a project.
    • Write: Edit a project.
    • Delete: Delete a project, or delete items from a project.
    Note  "> NoteAccess or Create permission is not required to have Read/Write/Delete permission on individual projects. These tasks can still be accomplished with theREST API.
  • Access: Access thePublicationspage.
  • Create: Create Notification Service Publications.

    • Individual Publications:

    • Read: View information about a publication.
    • Write: Edit a publication.
    • Remove: Delete a publication.
  • Manage: Access toQueue Control,除了引擎分配规则(也需要马nage permission in Licensing & Engines).
  • Access: Access theWorkspacespage.
    • Note  "> NoteAccess permission is not required torun aworkspace. Only Run permission on the applicable repository is required (see below).
  • Create: Create repositories.

    • Individual Repositories:

    • Download: Downloadworkspaces and other repository items fromFME FlowintoFME Workbench.
    • Read: View repository information.
    • Publish: Publishworkspaces and other items to the repository fromFME Workbench.
    • Run: Run repositoryworkspaces fromFME Flow.
      • Note  "> NoteUsers must also have Allow permission on the applicable service (see Services) when runningworkspaces.
    • Remove:删除一个存储库,或删除项目回购sitory.
    Note  "> NoteYou must uncheck all five permissions to completely remove a role from membership with a repository.
  • Access: Access theResourcespage.
  • Create: Create connections to network resources.

    • Individual Resource connections (top-level folders):

    • Access: Read and download a file.
    • List: List the folders and files of a resource.
    • Write: Write to files.
    • Upload: Upload files.
    • Remove: Delete files.
  • Access: Access theSchedulespage.
  • Create: Create schedules.

    • Individual Schedules:

    • Full Access: Edit or delete a schedule.
  • Manage: Access toSecurityconfigurations.
  • Access: Access theAutomation Appspage.
  • Create: Create new automation apps.

    • Individual Automation Apps:

    • Run: Run an automation app.
    • Read: Access an automation app.
    • Write: Edit or remove an automation app.
  • Access: Access theGallery Appspage.
  • Create: Create new gallery apps.

    • Individual Gallery Apps:

    • Run: Open links in a gallery app.
    • Read: Access a gallery app.
    • Write: Edit or remove a gallery app.
  • Access: Access theWorkspace Appspage.
  • Create: Create newworkspaceapps.

    • IndividualWorkspaceApps:

    • Run: Run aworkspaceapp.
    • Read: Access aworkspaceapp.
    • Write: Edit or remove aworkspaceapp.
  • Manage: Configure theFME Flowservices.

    • Individual Services:

    • Full Access: ManageFME Flowservices.
  • Access: Access theStreamspage.
  • Create: Create streams.

    • Individual Streams:

    • Read: View a stream.
    • Write: Edit or remove a stream.
  • Access: Access theSubscriptionspage.
  • Create: Create Notification Service Subscriptions.

    • Individual Subscriptions:

    • Read: View information about a subscription.
    • Write: Edit a subscription.
    • Remove: Delete a subscription.
  • Access: Access theTopicspage.
  • Create: Create topics.

    • Individual Topics:

    • Read: View information about a topic.
    • Write: Edit a topic.
    • Publish: Publish notifications to a topic.
    • Remove: Delete a topic.
Note  "> Note Version Controlmust be enabled to view these permissions.
  • Access: Commit versions andview repository history.
  • Manage: Enable version control and configure with a remote Git repository.