Securing REST folders/services by roles

Idea created by INCOIS-WEB on Jun 21, 2013
    New
    Score180
         By specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.
    "When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
    http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/

         That means, Publishers can stop or delete any services hosted on the site.

         For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.


         Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.
                                       It'd be nice if User A can only see the Folder/Service A and not being able to from User B.

         ArcGIS Server site
            -Folder A
                -Service A
            ==> Set permission as follows
                   -Role A
                       -User A(publisher)

            -Folder B
                -Service B
            ==> Set permission as follows
                   -Role A
                   -User A(publisher)
         - See more at: Securing folders/services by roles specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.
         "When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
    http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/

         That means, Publishers can stop or delete any services hosted on the site.

         For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.


         Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.
                                       It'd be nice if User A can only see the Folder/Service A and not being able to from User B.

         ArcGIS Server site
            -Folder A
                -Service A
            ==> Set permission as follows
                   -Role A
                       -User A(publisher)

            -Folder B
                -Service B
            ==> Set permission as follows
                   -Role A
                   -User A(publisher)

              y specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.
    "When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
    http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/

              That means, Publishers can stop or delete any services hosted on the site.

              For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.


              Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.
                                            It'd be nice if User A can only see the Folder/Service A and not being able to from User B.

              ArcGIS Server site
                 -Folder A
                     -Service A
                 ==> Set permission as follows
                        -Role A
                            -User A(publisher)

                 -Folder B
                     -Service B
                 ==> Set permission as follows
                        -Role A
                        -User A(publisher)
              - See more at: Securing folders/services by roles
              y specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.
    "When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
    http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/

              That means, Publishers can stop or delete any services hosted on the site.

              For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.


              Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.
                                            It'd be nice if User A can only see the Folder/Service A and not being able to from User B.

              ArcGIS Server site
                 -Folder A
                     -Service A
                 ==> Set permission as follows
                        -Role A
                            -User A(publisher)

                 -Folder B
                     -Service B
                 ==> Set permission as follows
                        -Role A
                        -User A(publisher)
              - See more at: Securing folders/services by roles
              By specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.
    "When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
    http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/

              That means, Publishers can stop or delete any services hosted on the site.

              For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.


              Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.
                                            It'd be nice if User A can only see the Folder/Service A and not being able to from User B.

              ArcGIS Server site
                 -Folder A
                     -Service A
                 ==> Set permission as follows
                        -Role A
                            -User A(publisher)

                 -Folder B
                     -Service B
                 ==> Set permission as follows
                        -Role A
                        -User A(publisher)
              - See more at: Securing folders/services by roles