Skip to main content

Managing User Permissions for System Activities

Use the procedures described in this section to grant or revoke the following types to user permissions used to manage system-wide activities:

  • System Administrators—Grants permissions to configure Code Insight at the system level—scheduling Code Insight Electronic Updates, managing Code Insight user accounts and permissions, defining global project defaults and the scan profiles associated with projects, specifying the CVSS version for vulnerability reporting, configuring an email server for Code Insight notifications, setting up Code Insight for LDAP and single sign-on, and integrating Code Insight with application management system (ALMs), such a Jira.

  • Manage Policy—Grants the user permission to manage policies that automate the inventory review process—that is, automatically mark published inventory items as approved, rejected, or requiring a manual review—without the need for manual reviews.

  • Policy details are described in “Managing Policies to Automatically Review Inventory” section in the Code Insight User Guide.

  • Create Project—(Displayed only if you selected No for Allow all users to create projects?) Grants the user permission to create projects and project folders. Users automatically become the Project Contact for each project they create and are assigned to the Project Administrator role as well as other project roles.

  • The Add New button, enabling users to create projects and project folders, is visible on the Projects page for only those users granted this permission. Project and folder creation are described in the following sections in the Code Insight User Guide:

    • Creating a Code Insight Project

    • Managing Items in the Project Display

  • Library Manager—Grants the user permissions to manage custom components, custom licenses, and custom detection rules. Users with this role can create, edit, and delete custom components, custom licenses, and custom detection rules as required.

note

Users with the Library Manager role can delete custom licenses only via the Delete a custom licenseREST API.

  • For more details on managing the custom components, custom licenses, and custom detection rules, see the following sections in the Code Insight User Guide:

    • Creating and Editing Custom Components

    • Creating and Editing Custom Licenses

    • Managing Custom Detection Rules

note

In addition to these permissions, roles can be assigned to users at the individual project level, as described in the* Code Insight User Guide*.

See the topics in this section for more information: