As an enterprise NuGet Package Repository, ProGet is built with security in mind and utilizes a fairly standard principal-role-task model for security. In this model, privileges are defined by three attributes:
- Principal - a user-definable user or a group
- Task - a system-defined securable operation within BuildMaster
- Role - a user-definable set of tasks
For example, the task "Add Package" is part of both the "Developer" and "Administrator" roles, and those roles are assigned to the Developers and Administrators groups, respectively.
Privileges in ProGet may also be scoped to a specific feed. For example, a role which contains the "Add Package" task may be assigned to Contract Developers for a development-only feed, but restricted for another feed.
Grant and Deny
To allow for more complex security configurations, a privilege can deny access instead of providing it. For example, instead of creating a privilege for each feed a principal has access to, a single deny privilege could be created to restrict access to a specific feed.
When multiple, overlapping privileges are defined, specificity and deny determine whether access is granted. The evaluation order is as follows:
- User-specific Deny
- User-specific Grant
- Group Deny
- Group Grant
Within each evaluation, the following order applies: feed, then global. For example, if the following privileges are defined:
- Developers group has Package Manager role globally
- Developers group is denied Package Manager role in the Operations Feed
- Joe Developer is granted Package Manager for Operations Feed
Joe Developer will be able to manage packages in the Operations Feed, whereas no other developers will.
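The evaluation order above can be modelled in a few lines. The following Python sketch is an added example, not ProGet's own code. It assumes that the first matching privilege decides the outcome, that no match means no access, and that the "Package Manager" role contains the "Add Package" task; the second developer and the Development Feed are constructed sample data.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Privilege:
    principal: str               # user name or group name
    is_group: bool
    role: str
    deny: bool = False
    feed: Optional[str] = None   # None means the privilege is global

# Assumption: role contents are constructed for this example.
ROLES = {"Package Manager": {"Add Package"}}

# The three privileges from the example above.
PRIVILEGES = [
    Privilege("Developers", True, "Package Manager"),
    Privilege("Developers", True, "Package Manager", deny=True, feed="Operations Feed"),
    Privilege("Joe Developer", False, "Package Manager", feed="Operations Feed"),
]

def decide(user, groups, task, feed, privileges=PRIVILEGES, roles=ROLES):
    """Return the privilege that decides access, or None if nothing matches."""
    def matches(p, want_group, want_deny, scope):
        who = p.principal in groups if want_group else p.principal == user
        return (p.is_group == want_group and who and p.deny == want_deny
                and p.feed == scope and task in roles.get(p.role, ()))
    for want_group in (False, True):        # user-specific before group
        for want_deny in (True, False):     # deny before grant
            for scope in (feed, None):      # feed before global
                for p in privileges:
                    if matches(p, want_group, want_deny, scope):
                        return p
    return None

def is_allowed(user, groups, task, feed, privileges=PRIVILEGES, roles=ROLES):
    p = decide(user, groups, task, feed, privileges, roles)
    # Assumption: access is refused when no privilege matches.
    return p is not None and not p.deny

if __name__ == "__main__":
    for user in ("Joe Developer", "Jane Developer"):   # Jane is constructed
        for feed in ("Operations Feed", "Development Feed"):
            print(user, feed, is_allowed(user, {"Developers"}, "Add Package", feed))
```

`decide` returns the deciding privilege rather than a bare boolean, which makes it easy to see which rule produced an unexpected grant or deny when privileges overlap.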