Wiki source code of Users and roles

Last modified by Boris Folgmann on 2026/05/20 13:16

version	line-number	content
1.1	1	{{toc depth="1"/}}
	2
	3	= Role Model =
	4
7.2	5	== Portal Roles ==
	6
9.1	7	Inside the DevOps Portal users have exactly one defined role out of three.
8.2	8
	9	(% class="active" %)\|=(% style="width: 124px;" %)Portal Role\|=(% style="width: 861px;" %)Description
	10	\|(% style="width:124px" %)(((
8.1	11	Admin
8.2	12	)))\|(% style="width:861px" %)Admins have full-access. They can //create//, //edit //and //delete //all kinds of entities, like users, projects, organizations, technical users and roles. Therefore, they can also add additional admins who have the same privileges. The last Admin cannot remove himself.
	13	\|(% style="width:124px" %)(((
8.1	14	Creator
8.2	15	)))\|(% style="width:861px" %)Creators can //create //all kinds of entities like users, projects, organizations and technical users. When a Creator creates a new project he is automatically assigned an admin role in the project, which allows him to add more members.
	16	\|(% style="width:124px" %)(((
8.1	17	User
8.2	18	)))\|(% style="width:861px" %)All other users are simply called users. They can be assigned any role in projects.
7.2	19
9.1	20	(% class="wikigeneratedid" %)
	21	The permissions of these roles are documented at [[DevOps Portal for Users>>DevOps Portal for Users.WebHome]], [[DevOps Portal for Creators>>DevOps Portal for Creators.WebHome]], and [[DevOps Portal for Admins>>DevOps Portal for Admins.WebHome]].
	22
7.1	23	== Project Roles ==
	24
1.1	25	Each user who is a member of a project has to be in //exactly one// Project Role. Therefore it is not possible to have no or multiple roles in a project.
	26
	27	Different roles have different sets of permissions. Possible roles are:
	28
7.2	29	(% class="responsive-table" %)
8.2	30	(% class="active" %)\|=(% style="width: 120px;" %)(((
	31	Project Role
	32	)))\|=(% style="width: 864px;" %)(((
6.3	33	Description
1.1	34	)))
8.2	35	\|(% style="width:120px" %)(((
1.1	36	Admin
8.2	37	)))\|(% style="width:864px" %)(((
6.3	38	Full access, even to potentially dangerous operations like deleting content in the Project. Can administer Project Members and Roles.
1.1	39	)))
8.2	40	\|(% style="width:120px" %)(((
1.1	41	Master
8.2	42	)))\|(% style="width:864px" %)Elevated write acccess, excluding potentially dangerous operations which can lead to massive data loss or other unrevertable changes.
	43	\|(% style="width:120px" %)(((
1.1	44	Developer
8.2	45	)))\|(% style="width:864px" %)(((
7.1	46	General read-write access to contribute to the Project
1.1	47	)))
8.2	48	\|(% style="width:120px" %)(((
1.1	49	Viewer
8.2	50	)))\|(% style="width:864px" %)(((
1.1	51	Read-only access to all not security-relevant data in the Project
	52	)))
	53
	54	Currently, the role assignment is applied for all tools within one project.
	55
	56	{{info}}
	57	Note:
	58	To ensure the integrity of the applications in the context of the managed service, no customer user is allowed to get system admin permissions for the tools. The maximum permissions for a customer user is the "Project Admin" role as described here
	59	{{/info}}
	60
5.1	61	= User Permissions in DevOps Portal =
1.1	62
5.1	63	\|=(((
1.1	64	Role Type
5.1	65	)))\|=(% colspan="3" rowspan="1" %)(((
	66	Portal Role
	67	)))\|=(% rowspan="23" %) \|=(% colspan="4" %)(((
1.1	68	Project Role
	69	)))
5.1	70	\|(((
1.1	71	Role Name
5.1	72	)))\|(((
1.1	73	User
5.1	74	)))\|(((
1.1	75	Admin
5.1	76	)))\|(((
	77	Creator
	78	)))\|(((
1.1	79	Viewer
5.1	80	)))\|(((
1.1	81	Developer
5.1	82	)))\|(((
1.1	83	Master
5.1	84	)))\|(((
1.1	85	Admin
	86	)))
5.1	87	\|Login to DevOps Portal\|✅\|✅\|✅\|✅\|✅\|✅\|✅
	88	\|Logout from DevOps Portal\|✅\|✅\|✅\|✅\|✅\|✅\|✅
	89	\|Change my password\|✅\|✅\|✅\|✅\|✅\|✅\|✅
	90	\|Reset forgotten password\|✅\|✅\|✅\|✅\|✅\|✅\|✅
	91	\|Display list of users\|✅\|✅\|✅\|✅\|✅\|✅\|✅
	92	\|Search for user \|✅\|✅\|✅\|✅\|✅\|✅\|✅
	93	\|Add or remove "Corporate Admin" role to user \|❌\|✅\|❌\|❌\|❌\|❌\|❌
	94	\|Create User\|❌\|✅\|✅\|❌\|❌\|❌\|❌
	95	\|Delete User\|❌\|✅\|❌\|❌\|❌\|❌\|❌
	96	\|Lock User\|❌\|✅\|❌\|❌\|❌\|❌\|❌
	97	\|Unlock User\|❌\|✅\|❌\|❌\|❌\|❌\|❌
	98	\|Send invitation mail for first login\|❌\|✅\|❌\|❌\|❌\|❌\|❌
	99	\|Display list of projects \|❌\|✅\|❌\|⚠ Only his projects\|⚠ Only his projects\|⚠ Only his projects\|⚠ Only his projects
	100	\|Search for project \|❌\|✅\|❌\|⚠ Only his projects\|⚠ Only his projects\|⚠ Only his projects\|⚠ Only his projects
	101	\|Create project \|❌\|✅\|✅\|❌\|❌\|❌\|❌
	102	\|Delete project\|❌\|✅\|❌\|❌\|❌\|❌\|❌
	103	\|Retire project \|❌\|✅\|❌\|❌\|❌\|❌\|⚠ Only his projects
	104	\|Reactivate project\|❌\|✅\|❌\|❌\|❌\|❌\|⚠ Only his projects
	105	\|Add User to Project\|❌\|✅\|❌\|❌\|❌\|❌\|⚠ Only his projects
	106	\|Remove User from Project\|❌\|✅\|❌\|❌\|❌\|❌\|⚠ Only his projects
	107	\|Display used storage by project/tool or total\|❌\|✅\|❌\|⚠ Only his projects\|⚠ Only his projects\|⚠ Only his projects\|⚠ Only his projects
1.1	108
	109	= JIRA Project Roles / Permission Scheme =
	110
	111	In JIRA the Project Roles are first added to Security / Project Roles and then they get their Permissions assigned in the SDCloud Permission Scheme which has to associated later with the Jira Projects.
	112
5.1	113	\|=(((
1.1	114	Permission / Role
5.1	115	)))\|=(((
1.1	116	Admin
5.1	117	)))\|=(((
1.1	118	Master
5.1	119	)))\|=(((
1.1	120	Developer
5.1	121	)))\|=(((
1.1	122	Viewer
	123	)))
5.1	124	\|=(% colspan="1" %)(((
1.1	125	Project Permissions
5.1	126	)))\|(% colspan="1" %)(((
1.1	127
5.1	128	)))\|(% colspan="1" %)(((
1.1	129
5.1	130	)))\|(% colspan="1" %)(((
1.1	131
5.1	132	)))\|(% colspan="1" %)(((
1.1	133
	134	)))
	135	\|Administer projects
	136	Enabled Extended project administration\|✅\|❌\|❌\|❌
	137	\|Browse projects\|✅\|✅\|✅\|✅
	138	\|Manage sprints\|✅\|✅\|❌\|❌
	139	\|Service Desk Agent\|✅\|✅\|✅\|❌
	140	\|View development tool\|✅\|✅\|✅\|✅
	141	\|View (read-only) workflow\|✅\|✅\|✅\|✅
5.1	142	\|=Issue Permissions\| \| \| \|
1.1	143	\|Assign issues\|✅\|✅\|✅\|❌
	144	\|Assignable user\|✅\|✅\|✅\|❌
	145	\|Close issues\|✅\|✅\|❌\|❌
	146	\|Create issues\|✅\|✅\|✅\|❌
	147	\|Delete issues\|✅\|❌\|❌\|❌
	148	\|Edit issues\|✅\|✅\|✅\|❌
	149	\|Link issues\|✅\|✅\|✅\|❌
	150	\|Modify reporter\|✅\|✅\|❌\|❌
	151	\|Move issues\|✅\|✅\|❌\|❌
	152	\|Resolve issues\|✅\|✅\|✅\|❌
	153	\|Schedule issues\|✅\|✅\|❌\|❌
	154	\|Set issues security\|✅\|❌\|❌\|❌
	155	\|Transition issues\|✅\|✅\|✅\|❌
5.1	156	\|=(% colspan="1" %)Voters & watchers permissions\|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %)
3.1	157	\|Manage watcher list\|✅\|✅\|❌\|❌
1.1	158	\|View voters and watchers\|✅\|✅\|✅\|❌
5.1	159	\|=(% colspan="1" %)Comments permissions\|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %)
1.1	160	\|Add comments\|✅\|✅\|✅\|❌
	161	\|Delete all comments\|✅\|❌\|❌\|❌
	162	\|Delete own comments\|✅\|✅\|✅\|❌
	163	\|Edit all comments\|✅\|❌\|❌\|❌
	164	\|Edit own comments\|✅\|✅\|✅\|❌
5.1	165	\|=(% colspan="1" %)Attachments permissions\|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %)
1.1	166	\|Create attachments\|✅\|✅\|✅\|❌
	167	\|Delete all attachments\|✅\|❌\|❌\|❌
	168	\|Delete own attachments\|✅\|✅\|✅\|❌
5.1	169	\|=(% colspan="1" %)Time-tracking Permissions\|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %) \|(% colspan="1" %)
1.1	170	\|Work on issues\|✅\|✅\|✅\|❌
	171	\|Delete all worklogs\|✅\|❌\|❌\|❌
	172	\|Delete own worklogs\|✅\|✅\|✅\|❌
	173	\|Edit all worklogs\|✅\|❌\|❌\|❌
	174	\|Edit own worklogs\|✅\|✅\|✅\|❌
	175
	176	* Service Desk Agent is only available if the software was added to JIRA
	177
	178	= Confluence Project Roles =
	179
5.1	180	See vendor documentation for the exact meaning: [[https:~~/~~/confluence.atlassian.com/doc/space-permissions-overview-139521.html>>url:https://confluence.atlassian.com/doc/space-permissions-overview-139521.html]].
1.1	181
5.1	182	\|=(((
1.1	183	Space
5.1	184	)))\|=(% colspan="2" %)(((
1.1	185	All
5.1	186	)))\|=(% colspan="2" %)(((
1.1	187	Pages
5.1	188	)))\|=(% colspan="2" %)(((
1.1	189	Blog
5.1	190	)))\|=(% colspan="2" %)(((
1.1	191	Attachments
5.1	192	)))\|=(% colspan="2" %)(((
1.1	193	Comments
5.1	194	)))\|=(((
1.1	195	Restrictions
5.1	196	)))\|=(((
1.1	197	Mail
5.1	198	)))\|=(% colspan="2" %)(((
1.1	199	Space
	200	)))
	201	\|=(% colspan="1" %)Role/Operation\|(% colspan="1" %)View\|(% colspan="1" %)Delete Own\|(% colspan="1" %)Add\|(% colspan="1" %)Delete\|(% colspan="1" %)Add\|(% colspan="1" %)Delete\|(% colspan="1" %)Add\|(% colspan="1" %)Delete\|(% colspan="1" %)Add\|(% colspan="1" %)Delete\|(% colspan="1" %)Add/Delete\|(% colspan="1" %)Delete\|(% colspan="1" %)Export\|(% colspan="1" %)Admin
	202	\|=Admin\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅\|✅
	203	\|=Master\|✅\|✅\|✅\|❌\|✅\|❌\|✅\|❌\|✅\|✅\|✅\|❌\|✅\|❌
	204	\|=Developer\|✅\|✅\|✅\|❌\|❌\|❌\|✅\|❌\|✅\|❌\|❌\|❌\|❌\|❌
	205	\|=Viewer\|✅\|❌\|❌\|❌\|❌\|❌\|❌\|❌\|❌\|❌\|❌\|❌\|❌\|❌
	206
	207	= Bitbucket Project Roles =
	208
5.1	209	\|=(((
1.1	210
5.1	211	)))\|=(((
	212	Browse
	213	)))\|=(((
	214	Clone / Pull
	215	)))\|=(% colspan="1" %)(((
	216	Create, browse, comment on pull request
	217	)))\|=(% colspan="1" %)(((
	218	Merge pull request
	219	)))\|=(% colspan="1" %)(((
	220	Push
	221	)))\|=(% colspan="1" %)(((
	222	Create repositories
	223	)))\|=(% colspan="1" %)(((
	224	Edit settings / permissions
1.1	225	)))
	226	\|Admin\|✅\|✅\|✅\|✅\|✅\|✅\|✅
4.1	227	\|Master\|✅\|✅\|✅\|✅\|✅\|✅\|❌
1.1	228	\|Developer\|✅\|✅\|✅\|✅\|✅\|❌\|❌
	229	\|Viewer\|✅\|✅\|✅\|❌\|❌\|❌\|❌
	230
	231	//Repository permissions are inherited from project permissions.//
	232
	233	= Jenkins Project Roles =
	234
5.1	235	\|=(% colspan="1" %)(((
1.1	236	Permission
5.1	237	)))\|=(((
1.1	238	Role
5.1	239	)))\|=(((
1.1	240	Admin
5.1	241	)))\|=(((
1.1	242	Master
5.1	243	)))\|=(((
1.1	244	Developer
5.1	245	)))\|=(((
1.1	246	Viewer
5.1	247	)))\|=(% colspan="1" %)(((
1.1	248	Authenticated Users
5.1	249	)))\|=(% colspan="1" %)(((
1.1	250	Anonymous Users
5.1	251	)))\|=(% colspan="1" %)(((
1.1	252	Prometheus Tech User
	253	)))
	254	\|=(% rowspan="5" %)Credentials\|Create\|✅\|✅\|❌\|❌\|❌\|❌\|❌
	255	\|Delete\|✅\|❌\|❌\|❌\|❌\|❌\|❌
	256	\|Manage Domains\|✅\|❌\|❌\|❌\|❌\|❌\|❌
	257	\|Update\|✅\|✅\|❌\|❌\|❌\|❌\|❌
	258	\|View\|✅\|✅\|✅\|❌\|❌\|❌\|❌
	259	\|=(% rowspan="10" %)Job\|Build\|✅\|✅\|✅\|❌\|❌\|❌\|❌
	260	\|Cancel\|✅\|✅\|❌\|❌\|❌\|❌\|❌
	261	\|Configure\|✅\|✅\|❌\|❌\|❌\|❌\|❌
	262	\|Create\|✅\|✅\|❌\|❌\|❌\|❌\|❌
	263	\|Delete\|✅\|❌\|❌\|❌\|❌\|❌\|❌
	264	\|Discover\|✅\|✅\|✅\|✅\|❌\|❌\|❌
	265	\|ExtendedRead\| \| \| \| \| \| \|
	266	\|Move\|✅\|❌\|❌\|❌\|❌\|❌\|❌
	267	\|Read\|✅\|✅\|✅\|✅\|❌\|❌\|❌
2.1	268	\|Workspace\|✅\|✅\|✅\|❌\|❌\|❌\|❌
1.1	269	\|=(% rowspan="3" %)Run\|Delete\|✅\|❌\|❌\|❌\|❌\|❌\|❌
	270	\|Replay\|✅\|✅\|✅\|❌\|❌\|❌\|❌
	271	\|Update\|✅\|✅\|✅\|❌\|❌\|❌\|❌
	272	\|=Job Config History\|DeleteEntry\| \| \| \| \| \| \|
	273	\|=SCM\|Tag\|✅\|✅\|❌\|❌\|❌\|❌\|❌
	274	\|=Metrics\|HealthCheck\| \| \| \| \| \| \|
	275	\| \|ThreadDump\| \| \| \| \| \| \|
	276	\| \|View\| \| \| \| \| \| \|
	277
	278	= GitLab =
	279
	280	Users are assigned to Groups in GitLab with the following roles assignment. Permissions within subordinated Subgroups and GitLab Projects are inherited.
	281
5.1	282	\|=(((
1.1	283	Project Role
	284	)))\|=(((
	285	GitLab Group Members Permission
	286	)))
	287	\|(((
	288	Viewer
	289	)))\|(((
	290	Reporter
	291	)))
	292	\|(((
	293	Developer
	294	)))\|(((
	295	Developer
	296	)))
	297	\|(% colspan="1" %)(((
	298	Master
	299	)))\|(% colspan="1" %)(((
	300	Maintainer
	301	)))
	302	\|(% colspan="1" %)(((
	303	Admin
	304	)))\|(% colspan="1" %)(((
	305	Owner
	306	)))
	307
5.1	308	Regarding permissions for Group Permissions in GitLab, see [[https:~~/~~/docs.gitlab.com/ee/user/permissions.html#group-members-permissions>>url:https://docs.gitlab.com/ee/user/permissions.html#group-members-permissions]].
1.1	309
	310	= Harbor Project Roles =
	311
	312	Harbor manages images through projects. You provide access to these images to users by including the users in projects and assigning one of the following roles to them:
	313
5.1	314	\|=(((
1.1	315	Harbor
	316	)))\|=(((
	317	Portal
	318	)))\|=
	319	\|=Role Name\|=Role Id\|=Project Role
	320	\|Project Admin\|1\|ADMIN
	321	\|Maintainer\|4\|MASTER
	322	\|Developer\|2\|DEVELOPER
	323	\|Guest\|3\|VIEWER
	324
	325	=== Harbor Roles Permissions ===
	326
5.1	327	\|=(((
1.1	328	Action
	329	)))\|=(((
	330	Limited Guest
	331	)))\|=(((
	332	Guest
	333	)))\|=(((
	334	Developer
	335	)))\|=(((
	336	Maintainer
	337	)))\|=(((
	338	Project Admin
	339	)))
	340	\|See the project configurations\|✅\|✅\|✅\|✅\|✅
	341	\|Edit the project configurations\|❌\|❌\|❌\|❌\|✅
	342	\|See a list of project members\| \|✅\|✅\|✅\|✅
	343	\|Create/edit/delete project members\|❌\|❌\|❌\|❌\|✅
	344	\|See a list of project logs\|✅\|✅\|✅\|✅\|❌
	345	\|See a list of project replications\|❌\|❌\|❌\|✅\|✅
	346	\|See a list of project replication jobs\|❌\|❌\|❌\|❌\|✅
	347	\|See a list of project labels\|❌\|❌\|❌\|✅\|✅
	348	\|Create/edit/delete project labels\|❌\|❌\|❌\|✅\|✅
	349	\|See a list of repositories\|✅\|✅\|✅\|✅\|✅
	350	\|Create repositories\|❌\|❌\|✅\|✅\|✅
	351	\|Edit/delete repositories\|❌\|❌\|❌\|✅\|✅
	352	\|See a list of images\|✅\|✅\|✅\|✅\|✅
	353	\|Retag image\|❌\|✅\|✅\|✅\|✅
	354	\|Pull image\|✅\|✅\|✅\|✅\|✅
	355	\|Push image\|❌\|❌\|✅\|✅\|✅
	356	\|Scan/delete image\|❌\|❌\|❌\|✅\|✅
	357	\|Add scanners to Harbor *\|❌\|❌\|❌\|❌\|❌
	358	\|Edit scanners in projects\|❌\|❌\|❌\|❌\|✅
	359	\|See a list of image vulnerabilities\|✅\|✅\|✅\|✅\|✅
	360	\|Create list of project vulnerabilities\|❌\|❌\|✅\|✅\|✅
	361	\|Read list of project vulnerabilities\|❌\|❌\|✅\|✅\|✅
	362	\|Export list of project vulnerabilities\|❌\|❌\|✅\|✅\|✅
	363	\|See image build history\|✅\|✅\|✅\|✅\|✅
	364	\|Add/Remove labels of image\|❌\|❌\|✅\|✅\|✅
	365	\|See a list of helm charts\|✅\|✅\|✅\|✅\|✅
	366	\|Download helm charts\|✅\|✅\|✅\|✅\|✅
	367	\|Upload helm charts\|❌\|❌\|✅\|✅\|✅
	368	\|Delete helm charts\|❌\|❌\|❌\|✅\|✅
	369	\|See a list of helm chart versions\|✅\|✅\|✅\|✅\|✅
	370	\|Download helm chart versions\|✅\|✅\|✅\|✅\|✅
	371	\|Upload helm chart versions\|❌\|❌\|✅\|✅\|✅
	372	\|Delete helm chart versions\|❌\|❌\|❌\|✅\|✅
	373	\|Add/Remove labels of helm chart version\|❌\|❌\|✅\|✅\|✅
	374	\|See a list of project robots\|❌\|❌\|❌\|✅\|✅
	375	\|Create/edit/delete project robots\|❌\|❌\|❌\|❌\|✅
	376	\|See configured CVE allowlist\|✅\|✅\|✅\|✅\|✅
	377	\|Create/edit/remove CVE allowlist\|❌\|❌\|❌\|❌\|✅
	378	\|View webhook events\|❌\|❌\|❌\|✅\|✅
	379	\|Add new webhook events\|❌\|❌\|❌\|❌\|✅
	380	\|Enable/deactivate webhooks\|❌\|❌\|❌\|❌\|✅
	381	\|Create/delete tag retention rules\|❌\|❌\|✅\|✅\|✅
	382	\|Enable/deactivate tag retention rules\|❌\|❌\|✅\|✅\|✅
	383	\|Create/delete tag immutability rules\|❌\|❌\|❌\|✅\|✅
	384	\|Enable/deactivate tag immutability rules\|❌\|❌\|❌\|✅\|✅
	385	\|See project quotas\|✅\|✅\|✅\|✅\|✅
	386	\|Edit project quotas *\|❌\|❌\|❌\|❌\|❌
	387	\|Delete Project\|❌\|❌\|❌\|❌\|✅
	388
	389	~* Only the Harbor system administrator can edit project quotas and add new scanners.
	390
	391	= Gitea =
	392
	393	Please note, that some terms used in DevOps-as-a-Service have different names in Gitea. Please check the following table to avoid any confusion.
	394
5.1	395	\|=(((
1.1	396	DevOps Portal
	397	)))\|=(((
	398	Gitea
	399	)))
	400	\|(((
	401	Project
	402	)))\|(((
	403	Organization
	404	)))
	405	\|(((
	406	Project Role
	407	)))\|(((
	408	Team
	409	)))
	410	\|(((
	411	Git Repository
	412	)))\|(((
	413	Repository
	414	)))
	415	\|(((
	416	Artifact Repository
	417	)))\|(((
	418	Package
	419	)))
	420	\|(((
	421	Issue Tracking
	422	)))\|(((
	423	Project (currently disabled)
	424	)))
	425
	426	The Owner team has full admin permission in the Organization. This is a technical user used by the DevOps Portal for auto-provisioning.
	427
5.1	428	\|=(((
1.1	429	Gitea Role
	430	)))\|=(((
	431	Portal Project Role
	432	)))\|=Permissions
	433	\|(((
	434	Viewer
	435	)))\|Viewer\|Read
	436	\|(((
	437	Developer
	438	)))\|(((
	439	Developer
	440	)))\|Read, Write
	441	\|(% colspan="1" %)(((
	442	Master
	443	)))\|(% colspan="1" %)Master\|Read, Write
	444	\|(% colspan="1" %)Admin\|(% colspan="1" %)Admin\|Read, Write, Repository create
	445
	446	= Nexus Project Roles =
	447
	448	For each role in a project a role in Nexus is created which includes one Privilege for each repository in the project.
	449
5.1	450	\|=(((
1.1	451	Role
5.1	452	)))\|=(((
1.1	453	Admin
5.1	454	)))\|=(((
1.1	455	Master
5.1	456	)))\|=(((
1.1	457	Developer
5.1	458	)))\|=(((
1.1	459	Viewer
	460	)))
5.1	461	\|(((
1.1	462	ID
5.1	463	)))\|(((
1.1	464	PROJECTKEY-admin
5.1	465	)))\|(((
1.1	466	PROJECTKEY-master
5.1	467	)))\|(((
1.1	468	PROJECTKEY-developer
5.1	469	)))\|(((
1.1	470	PROJECTKEY-viewer
	471	)))
5.1	472	\|(((
1.1	473	Name
5.1	474	)))\|(((
1.1	475	PROJECTKEY-admin
5.1	476	)))\|(((
1.1	477	PROJECTKEY-master
5.1	478	)))\|(((
1.1	479	PROJECTKEY-developer
5.1	480	)))\|(((
1.1	481	PROJECTKEY-viewer
	482	)))
5.1	483	\|(((
1.1	484	Privilege
5.1	485	)))\|(((
1.1	486	PROJECTKEY-docker-admin
	487
	488	PROJECTKEY-maven-admin
	489
	490	PROJECTKEY-//repotype//-admin
5.1	491	)))\|(((
1.1	492	PROJECTKEY-docker-master
	493
	494	PROJECTKEY-maven-master
	495
	496	PROJECTKEY-//repotype//-master
5.1	497	)))\|(((
1.1	498	PROJECTKEY-docker-developer
	499
	500	PROJECTKEY-maven-developer
	501
	502	PROJECTKEY-//repotype//-developer
5.1	503	)))\|(((
1.1	504	PROJECTKEY-docker-viewer
	505
	506	PROJECTKEY-maven-viewer
	507
	508	PROJECTKEY-//repotype//-viewer
	509	)))
	510
	511	For each role in a project a Privilege of type Repository Content Selector is created which combines Content Selector (Project), Repository (Docker Registry) and Actions depending on the role.
	512
5.1	513	\|=(((
1.1	514	Privilege / Role
5.1	515	)))\|=(((
1.1	516	Admin
5.1	517	)))\|=(((
1.1	518	Master
5.1	519	)))\|=(((
1.1	520	Developer
5.1	521	)))\|=(((
1.1	522	Viewer
	523	)))
5.1	524	\|(((
1.1	525	Name
5.1	526	)))\|(((
1.1	527	PROJECTKEY-docker-admin
5.1	528	)))\|(((
1.1	529	PROJECTKEY-docker-master
5.1	530	)))\|(((
1.1	531	PROJECTKEY-docker-developer
5.1	532	)))\|(((
1.1	533	PROJECTKEY-docker-viewer
	534	)))
5.1	535	\|(((
1.1	536	Content Selector
5.1	537	)))\|(((
1.1	538	PROJECTKEY-docker
5.1	539	)))\|(((
1.1	540	PROJECTKEY-docker
5.1	541	)))\|(((
1.1	542	PROJECTKEY-docker
5.1	543	)))\|(((
1.1	544	PROJECTKEY-docker
	545	)))
5.1	546	\|(((
1.1	547	Repository
5.1	548	)))\|(((
1.1	549	docker-registry
5.1	550	)))\|(((
1.1	551	docker-registry
5.1	552	)))\|(((
1.1	553	docker-registry
5.1	554	)))\|(((
1.1	555	docker-registry
	556	)))
5.1	557	\|(((
1.1	558	Actions
5.1	559	)))\|(((
1.1	560	delete, add, edit, browse, read
5.1	561	)))\|(((
1.1	562	add, edit, browse, read
5.1	563	)))\|(((
1.1	564	add, edit, browse, read
5.1	565	)))\|(((
1.1	566	browse, read
	567	)))
	568
5.1	569	See [[https:~~/~~/help.sonatype.com/repomanager3/security/privileges>>url:https://help.sonatype.com/repomanager3/nexus-repository-administration/access-control/privileges]] for available Actions.