ProGet Documentation

Security and Privileges

Users and Group add a level of granular control and security within ProGet. By associating users with a group or groups, organization are able to permit and restrict access to appropriate users.

A user directory is a collection of users and groups that ProGet can query. Currently, ProGet supports three types of user directories:

  • Built-In - The default basic user account system used by new installs of ProGet.
  • LDAP/Single Domain AD - Users and groups from an LDAP directory are used, such as an Active Directory domain.
  • AD Domain Forest - Users and groups from multiple domains in an Active Directory forest are used.

Directories are exclusive; meaning you can only use one at a time. For this reason, it’s important to make sure you will have sufficient administer permissions in ProGet for the user directory you are switching to. If you do accidentally lock yourself out, don’t worry; you can easily run the ProGet.Service.exe program, and select the reset to Built-In option.

Built In Directory

ProGet's built in user directory is used by default and initially contains two user accounts:

  • Admin - Administrator with full privileges; default password is Admin
  • Anonymous - Special user which represents anyone browsing the site anonymously

Tasks

ProGet allows you to create and customizes as many tasks as needed. Tasks in ProGet define the specific ability, access, and functions users or group are allowed to edit, create, and view. ProGet comes built-in with four tasks out of the box: Administer, Manage Feed, Publish Packages, and View and Download Packages. Built-in task can be edited and modified but it’s important to note that future updates may affect these built-In tasks.

ProGet allows you to create specific tasks that can be scoped at a feed level:

Creating a Task in ProGet

Administrators can assign restrictions and permissions based on a group and individual users. It’s important to note that permissions are additive and restrictions override permission when they’re at the same level; the more specific personnel (One user vs. Group) or a more defined scope (Specific Feed vs. All Feeds) always override.

Examples

By associating users with a group you’re able to assign alike users the same permissions and restrictions. For example everyone in the “Managers” group has access to manage feeds except the private-npm feed, only Bob who is also part of the managers groups has the permission to manage the npm feed.

Permissions and restrictions in ProGet