#1117 - OIC Projects - Shared Lookups & RBAC

Introduction 

Sharing resources between projects is a great value add in OIC. However, many of us do this with the same user, i.e. userNN creates the common project containing the shared resource, userNN then creates a new project that uses the shared resource. So what happens when userXX tries to do the latter?

Here is a simple demo - 

I create a common project containing a shared lookup - 

As the same user, I create a new project, and use the shared lookup in a Map action -

Looks good, I have access to the shared lookup.

Now to my second user - 

She creates a new project and attempts to use the same shared lookup - 

The shared lookup does not surface.

This is because of project RBAC (Resource Based Access Control)

Return to the common project and check out the RBAC settings - 

I now set Can view as follows - 

I set to Everyone.

Back to the second user and her Map configuration - 

She now has access to the common lookup -

Summa Summarum

In my case the first user has the ServiceAdministrator role, seeing as he is providing common artifacts etc.

The second user has the ServiceDeveloper role.

Giving Everyone the Can view permission, means developers can open the common project and view its contents. You could make this access more granular by defining a new role in IDCS and adding only those who need to use the shared lookup.