Repository Management with Nexus

6.15. Managing Roles

Nexus ships with a large number of predefined including Nexus Administrator Role, Nexus Anonymous Role, Nexus Developer Role, and Nexus Deployment Role. Click on the Roles menu item under Security in the Nexus menu to show the list of roles shown in Figure 6.33, “Viewing the List of Defined Roles”.

figs/web/repository-manager_security-roles.png

Figure 6.33. Viewing the List of Defined Roles


To create a new role, click on the Add… button, select Nexus Role and fill out the New Nexus Role form shown in Figure 6.34, “Creating a New Nexus Role”.

figs/web/repository-manager_security-new-nexus-role.png

Figure 6.34. Creating a New Nexus Role


When creating a new role, you will need to supply a Role ID, a Name and a Description. Roles are comprised of other roles and individual privileges. To assign a role or privilege to a role, click on Add button under Role/Privilege Management to access the Add Roles and Privileges dialog displayed in Figure 6.35, “The Dialog to Add Roles and Privileges”. It allows you to filter the paged displayed of all the available roles and privileges with a filter text as well as narrowing the search to roles or privileges only. Using the filter and the paging you will be able to find the desired role or privilege quickly.

figs/web/repository-manager_security-add-roles-dialog.png

Figure 6.35. The Dialog to Add Roles and Privileges


The built-in roles are managed by Nexus and cannot be edited or deleted. The role confirguration section below the list is visible but disabled for these roles.

A Nexus role is comprised of other Nexus roles and individual Nexus privileges. To view the component parts of a Nexus Role, select the role in the Roles list and then choose the Role Tree tab as shown in Figure 6.36, “Viewing a Role Tree”.

figs/web/repository-manager_security-role-tree.png

Figure 6.36. Viewing a Role Tree


[Tip]

With the Repository Targets, you have fine-grained control over every action in the system. For example, you could make a target that includes everything except sources (.*(?!-sources)\.*) and assign that to one role while giving yet another role access to everything. Using these different access roles e.g., you can host your public and private artifacts in a single repository without giving up control of your private artifacts.