Sonatype CLM Server - Security Administration

4.1. Role Definitions

Administrator

The Administrator role is considered a global role, and is managed via system preferences. It has full permissions to view, create, and modify any element of the Sonatype CLM Server. This extends to interaction with the entire suite of Sonatype CLM tools, and includes permission to evaluate applications or components and review the results.

[Warning]

Due to the unrestricted access of the Administrator role, changing the password from the provided default is highly recommended.

Owner
The Owner role provides full permissions for the user mapped to the Organization or Application. This includes viewing, creating, and modifying any element within the scope of the respective organization/application. It also includes permission to evaluate applications or components and review the results.
Developer
The Developer role provides view permissions for the user mapped to the Organization or Application. It also includes permission to evaluate components and review the results.
Application Evaluator
The Application Evaluator role provides permission to submit applications for evaluation and retrieve summary-level results for the user mapped to the Organization or Application. This role is useful for tools such as continuous integration (e.g. CLM for Bamboo or CLM for Hudson/Jenkins) and command line evaluation (e.g. CLM for CLI). This role can also be used to configure these tools and allows these tools to display a summary of the policy evaluation.
Component Evaluator
The Component Evaluator role provides permission to submit components for evaluation and retrieve summary-level results for the user mapped to the Organization or Application. This role is useful for tools such as an IDE (e.g. CLM for IDE) and Nexus (e.g. CLM for Nexus), which retrieve policy evaluation at the component level. While this role can retrieve evaluation results, it cannot override any component data or apply component labels.
[Note]

For all roles except the Administrator role, when a user is mapped to a role for an Organization, the user will have the same permissions associated with that role for any attached Applications.