Hi,
After a meeting today with Jean-Jacques and Pierre, here is what we have agreed to do for RBAC for BI.
Cheers,
Eugenia
Scope of the RBAC test for BI
- The equipment we are considering are Beam loss monitors, the Wire scanners and the Beam TVs
- The operational GUI applications we are considering are :
- Beam Losses: owner OP/FABIO FOLLIN
- Beam Losses - Capture Data: owner OP/FABIO FOLLIN
- BTV: owner OP/FABIO FOLLIN
- Wire Scanner: owner OP/GUY CROCKFORD
- The expert GUI applications we are considering are :
- BI Navigator: owner BI
- BI Expert WS: owner BI
- For the moment, only WireScanner and BI expert applications are RBAC Enabled.
Test plan for Tuesday dry-run with beam up to TI8 TED
- load the concerned Front Ends FESA classes with the RBAC access-maps
- Modify the RBAC behaviour and the RBAC rules, and monitor the behaviour of the concerned applications for both the strict RBAC behaviour and the light RBAC behaviour.
- check how subscriptions behaves in case of loss of communication, of restart of the FESA classes, or reboot of the FE
- check in which RBAC state the FE comes back after a reboot
- the results of the dry run will finalise the RBAC deployment plan of the Beam2 Injection test
Deployment of RBAC for the TI8 Sector 7-8 Beam2 Injection test
- For the Wire scanner FESA classes, RBAC will be deployed in the strict mode
- For the Beam loss monitors and Beam TVs, RBAC will be deployed in the light mode
Description of the 2 different RBAC modes :
Strict policy mode : (applies ONLY to FESA 2.10 devices)
No token - refuse
Get without rules - grant
Get with rules - check rules
Set without rules - refuse
Set with rules - check rules
Light policy mode : (applies to ALL FESA devices)
No token - grant
Get without rules - grant
Get with rules - check rules
Set without rules - grant
Set with rules - check rules