Authorization Policies and Permissions
Authorization policies determine the actions that users can perform with the mashables, mashups and apps that governs. Policies also determine user access to the features and tools in the and the Enterprise AppDepot.
By default, authorization is enabled in MashZone NextGen. All actions are forbidden unless explicitly granted in a policy.
Note: You can choose to disable authorization during an initial development phase to simplify access to register and create mashables, mashups and apps. See
Enable or Disable Authorization for instructions.
The categories of authorization policies that are defined in MashZone NextGen are shown below.
Owner/Admin Permissions: users automatically obtain owner permissions when they create artifacts. Administrator permissions are defined when you assign users to the
Presto_Administrator built-in group (see Access/Create policies).
Owners have full permissions to all actions for the artifacts they create, except the feature/unfeature action. Administrators have owner permissions for all artifacts as well as for the feature/unfeature action.
You can also grant guest access to use artifacts. Guest access grants permission for anyone to run that artifact, even users who are not logged in. See
Authentication and Guest Access for instructions.
View Permissions: authenticated users can see artifacts in
MashZone NextGen Hub and the
AppDepot even for artifacts for which they do not have run permissions. They can open the artifact and request permissions, but they cannot run or preview the artifact.