Artifactory 5.x

Using Artifactory 6.x ?
JFrog Artifactory 6.x User Guide

Expand all Collapse all

Have a question? Want to report an issue?Contact JFrog support

Skip to end of metadata
Go to start of metadata

Overview

Artifactory allows you to control access to repositories viaPermission Targets.

A permission target is comprised of a set of physical repositories (i.e. local or remote repositories - but not virtual ones), and a set of users or groups with a corresponding set of permissions defining how they can access the specified repositories. Include and Exclude patterns give you finer control over access to a specific set of artifacts within the repositories of the permission target.

For example, you can create a permission target that allows user "Builder" and group "Deployers" to read from and deploy artifacts to thelibs-releasesrepository. Using the Include Pattern and Exclude Pattern settings you could implement finer control over specific artifacts within that repository if so desired.

To manage permissions, in theAdminmodule go toSecurity | Permissions.

Page Contents

Creating a Permission Target

To create aPermission Target, in thePermissions Managementpage click "New" to display theNew Permissionscreen.

New Permission

Name

You must provide a unique name for eachPermission Target(limited to 64 characters).

Repositories

Select the repositories to which thisPermission Targetapplies. You can use theAny Local RepositoryAny Remote Repositorycheck boxes as a convenience.

Include and Exclude Patterns

Using an "Ant-like" expressions, you can specify any number of Include or Exclude Patterns as a comma-separated list in the corresponding entry field (limited to 1024 characters in total).

In the example above, source files have been excluded from thePermission Targetnamed "Not sources" using the appropriateExclude Pattern.

用户和组权限

Using the corresponding tabs, you can set the permissions granted to a user or a group. Double-click the user or group you want to modify to add it to the list ofPrincipals,然后检查体育rmissions you wish to grant.

You cannot add a user or group with admin privileges to a Permission Target

Since an admin is privileged with all permissions, you cannot add a user or group with admin privileges to a Permission Target.

Configure Permissions

The available permissions are as follows:

Manage
 Allows changing the permission settings for other users on this permission target
Delete/Overwrite
 Allows deletion or overwriting of artifacts
Deploy/Cache
 Allows deploying artifacts and deploying to caches (i.e. populating caches with remote artifacts)
Annotate
 Allows annotating artifacts and folders with metadata and properties
Read
 Allows reading and downloading of artifacts


Multiple Permissions

Permissions are additive and must be explicitly granted. If a checkbox is not set for a user, then that user does not have the corresponding permission.

Permission Target Managers

By assigning theManagepermission to a user, you may designate them as the "Permission Target Manager". These users may assign and modify permissions granted to other users and groups for thisPermission Target. In the Artifactory UI these users have access to the specific users they are allowed to manage. This can be useful on a multi-team site since you can delegate the responsibility of managing specific repositories to different team members.

Preventing Overwriting Deployments

You can prevent a user or group from overwriting a deployed release or unique snapshot by not granting theDeletepermission.Non-unique snapshots can always be overwritten (provided theDeploypermission is granted).

Examining Permissions

You can examine permissions in the context of repositories, users or groups.

By Repository

In theArtifactsmodule, select repository you want to view in theArtifact Repository Browserand then select theEffective Permissionstab to see the permissions granted to users or groups for this repository.

Permissions by repository

By User or Group

For any user or Group, you can view the list of Permission Targets that it is associated with (whether directly or through membership in a group).

For users, In theAdminmodule, underSecurity | Users,select the user you wish to examine. TheUser Permissions显示用户的页面的底部。

You can similarly view Group permissions in theAdminmodule underSecurity | Groups.

  • No labels