Samples > Rule Team Server Business Rule Management Extensions > How to Implement Rule Governance in Rule Team Server

How to Implement Rule Governance in Rule Team Server

PREVIOUS NEXT

This sample shows how to use permissions to define a workflow, repackage Rule Team Server with the configuration file, and generate smart views.

When managing rule changes in Rule Team Server, it is useful to control the rule change workflow (life cycle).

The sample contains:

Users can only see rules with a status relevant to their role, and can only change a rule's status to values authorized for their role. The following diagram shows a typical workflow between roles, and is the workflow used in this sample.

images/governance.png

The roles in this sample have been defined as follows:

This sample generates RSS data whenever the status changes. It makes the RSS data available from the web server, and then invites interested users to subscribe to the RSS feed using an RSS reader tool.

Key Features

Key features of this sample include:

Installing this Sample

To install this sample:

  1. Go to the Samples Console and locate the teamserver > serverrulegovernance sample.
  2. Check that the Samples Server is started. For information on how to start and stop the Samples Server, see Stopping and Restarting the Samples Server from the Samples Console.
  3. Execute the run command to package the compiled code inside the Rule Team Server EAR.
  4. Wait until you see the following message before continuing: Rule Team Server Governance sample sucessfully installed....BUILD SUCCESSFUL

Executing the run command customizes and redeploys the Rule Team Server application. In addition, the loanvalidation-rules are modified as follows:

All this information is retrieved from a configuration file and set using the Rule Team Server API.

The workflow management is now in place.

Running this Sample

This sample can only be opened and run in the Samples Console.

Before running the sample, please note the following:

Step 1: View Project Security Settings

This exercise demonstrates how to look at the current security settings for any of the user roles. Here, we select the author role.

To view the current project security settings:

  1. Open a web browser and enter the following URL to access Rule Team Server: http://localhost:8080/teamserver/.
  2. Sign in to Rule Team Server using the following details:
    3. Username: rtsAdmin
    Password: rtsAdmin
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Admin tab.
  5. Click Edit Project Security.
    6. See how Enforce security for this project is selected, and a number of groups are associated with the project.
  6. Click Cancel to return to the Admin tab.
  7. On the Admin tab, click Edit Permissions.
  8. Select author from the drop-down list and view the security settings for that role.
  9. Sign out of Rule Team Server.
Step 2: Manage a Rule Life Cycle

This exercise demonstrates how each user role processes rules at each stage of the rule life cycle. You will be asked to sign in as an author, a reviewer, a tester, a deployer, and an administrator.

To sign in as an author:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/
  2. Sign in to Rule Team Server using the following details:
    3. Username: autUser
    Password: autUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Explore tab.
    5. Notice that the author role is set up to have access only to the New Rules and Refused Rules smart views.
  5. Click New Rule(s), and then click the Edit or Delete icon above it.
    6. You will notice that you are not allowed to update or delete smart views.
  6. Click the Back button.
  7. In the table, select the Approval rule and click Edit.
  8. In the Properties step, click the Status list box.
    9. Two values are displayed. These are the only transitions available for an author when a rule has a status of new.
  9. Select defined.
  10. Enter a comment in Status Comment.
  11. Click Next.
    12. Notice that you can now edit the contents of the rule.
  12. Click Finish. The rule now has a status of defined.
  13. Click Edit, and then click the Properties step.
    14. Notice that the rule is now read-only.
  14. Sign out of Rule Team Server.

To sign in as a reviewer with defined status:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/
  2. Sign in to Rule Team Server using the following details:
    3. Username: revUser
    Password: revUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Explore tab.
    5. Notice that the reviewer role is set up to have access to the Defined Rules, Deployed Rules, Deprecated Rules, and Inactive Rules smart views.
  5. Select the Approval rule and click Edit.
  6. In the Properties step, click the Status list box.
    7. Three values are displayed. These are the only transitions available for a reviewer when a rule has a status of defined.
  7. Select reviewed.
  8. Enter a comment in Status Comment.
  9. Click Next.
    10. Notice that you cannot edit the contents of the rule.
  10. Click the Documentation step.
    11. You can enter data in this field, because the reviewer role is able to update the documentation property when the status of the rule is defined, deprecated, or inactive.
  11. Click Finish. The rule now has a status of reviewed.
  12. Click the Edit button, and then click the Properties step.
    13. Notice that the rule is now read-only.
  13. Click the Documentation step.
    14. Notice that the documentation property is now read only.
  14. Click Cancel.
    15. On the Explore tab you will notice that the Approval rule is no longer displayed and Defined Rules is empty.
  15. Sign out of Rule Team Server.

To sign in as a tester:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/
  2. Sign in to Rule Team Server using the following details:
    3. Username: tesUser
    Password: tesUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Explore tab.
    5. Notice that a tester can only see Reviewed Rules.
  5. Select the Approval rule and click Edit.
  6. In the Properties step, click the Status list box.
    7. Three values are displayed. These are the only transitions available for a tester when a rule has a status of reviewed.
  7. Select tested.
  8. Enter a comment in Status Comment.
  9. Click Next.
    10. Notice that you cannot edit the contents of the rule.
  10. Click Finish. The rule now has a status of tested.
  11. Click the Edit button, and then click the Properties step.
    12. Notice that the rule is now read-only.
  12. Click the Explore tab.
    13. Notice that the Approval rule is no longer displayed and Reviewed Rules is empty.
  13. Sign out of Rule Team Server.

To sign in as a deployer:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/
  2. Sign in to Rule Team Server using the following details:
    3. Username: depUser
    Password: depUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Explore tab.
    5. Notice that as a deployer, you can only see Tested Rules.
  5. Select the Approval rule and click Edit.
  6. In the Properties step, click the Status list box.
    7. Three values are displayed. These are the only transitions available for a deployer when a rule has a status of tested.
  7. Select deployed.
  8. Enter a comment in Status Comment.
  9. Click Next.
    10. Notice that you cannot edit the contents of the rule.
  10. Click Finish. The rule now has a status of deployed.
  11. Click the Edit button, and then click the Properties step.
    12. Notice that the rule is now read-only.
  12. Click the Explore tab.
    13. Notice that the Approval rule is no longer displayed and Tested Rules is empty.
  13. Sign out of Rule Team Server.

To sign in as a reviewer with deployed rule status:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/
  2. Sign in to Rule Team Server using the following details:
    3. Username: revUser
    Password: revUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Explore tab.
  5. Click Deployed Rule(s).
  6. Select the Approval rule, and then click Delete.
    7. A message is displayed stating that you cannot delete the item because of its status. This is because reviewers can only delete rules that have a status of deprecated or inactive. To demonstrate this, you will change the status to inactive and then try the delete again.
  7. Click the Back button.
  8. Select the Approval rule and click Edit.
  9. In the Properties step, set the Status to inactive.
  10. Click Finish.
    11. Notice that the Delete button is unavailable in the Details page.
  11. Click Explore > Details in the breadcrumbs to return to the Explore tab.
  12. Click the Inactive Rule(s) smart view.
  13. Select the Approval rule.
  14. Click Delete, but do not confirm in order to keep the project clean.
    15. As you can see, you can now delete this rule, because it has a status of inactive.
  15. Sign out of Rule Team Server.

By moving through each role, you have managed the complete rule approval life cycle.

This sample also uses a special role: the administrator.

To sign in as the administrator:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/
  2. Sign in to Rule Team Server using the following details:
    3. Username: admUser
    Password: admUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Explore tab.
    5. Notice that an administrator can see all rule statuses: New, Defined, Reviewed, Tested, Deployed, Deprecated, Inactive, and Refused.
  5. Click Inactive Rule(s). You should see the Approval rule.
  6. Sign out of Rule Team Server.
Step 3: Control Query Actions

This exercise demonstrates the controls that are in place to restrict the actions that an author role can perform.

To control query actions:

  1. Connect to Rule Team Server using the following URL: http://localhost:8080/teamserver/.
  2. Sign in using the following details:
    3. Username: autUser
    Password: autUser
  3. On the Home page, select loanvalidation-rules as the Project in use.
  4. Click the Query tab.
  5. In the left pane, click New.
  6. Create the following query: 
Find all business rules 

  [such that]

Do

  set the status of each business rule to validated
  1. Click Run Query.
  2. On the table displayed, select the Approval rule.
  3. Click Apply Actions.
    4. Since as an author you cannot set the status to validated, you get the message: Cannot apply actions : You cannot update this element : approval
  4. Sign out of Rule Team Server.
Step 4: View Rule Status Changes Using RSS

The sample generates RSS data whenever the status value changes, and makes it available from the web server. A URL pointing to the updated rule is attached to the RSS data so that the user can edit the rule directly.

To display the RSS data, open your browser and enter the following URL:

http://localhost:8080/teamserver/RSSRawProvider.jsp?project=loanvalidation-rules

The URL is built partially with information coming from the serverrulegovernance/data/server.properties file.

You can use any RSS reader to subscribe to the RSS feeds. To view loanvalidation-rules, configure it to point to http://localhost:8080/teamserver/RSSRawProvider.jsp?project=loanvalidation-rules.

For example, when using Internet Explorer 7, you get RSS data such as the following:

images/rule_governance_rss.png

Source Files

This sample is located in: <InstallDir>/teamserver/samples/serverrulegovernance. It contains the following source files:

Class 
Description 
Installer.java
Installs the needed configuration in Rule Team Server  
PermissionHelper.java
Loads the defined permissions and sets them in Rule Team Server  
SecurityHelper.java
Adds groups to Rule Team Server and sets the security on the project  
Role.java
Represents the roles defined in the configuration file (data/configuration.properties
ApplicationException.java
A common exception 
Constants.java
Constants used through the sample 
Utilities.java
Utilities class for IO and Rule Team Server model navigation 
LifeCycleConfiguration.java
The interface defining the contract for rule governance handlers 
LifeCycleConfigurationDefaultImpl.java
The default class implementing the rule governance 
NotificationListener.java
The interface defining the contract for status modification handler  
WorkflowSessionController.java
The Rule Team Server custom controller. This is the core class. 
AbstractPropertyListener.java
An abstract class helper when reading the configuration file 
AuthorizedValues.java
A class that wraps context authorized values 
PermissionManager.java
Manages the permissions 
SmartViewManager.java
Manages the technical smart views 
StatusPropertyManager.java
Manages the value the status property takes 
StatusValuesManager.java
Manages the values that a status can take 
SynonymManager.java
Manages aliases in the configuration file 
TransitionManager.java
Manages available status transitions 
UserManager.java
Manages users  
Item.java
Contains event data when a status is modified 
NotificationListenerDefaultImpl.java
The default implementation handler consuming item 
RSSChannel.java
An RSS channel helper 
RSSRawProvider.jsp
Convenient JSP helper returning to RSS Reader the RSS data corresponding to status modification event items 

Highlights

In this sample, we manage the rule life cycle of the loanvalidation-rules project. The data used for controlling the life cycle is read from the serverrulegovernance/data/configuration.properties file.

Install the custom controller

To customize the Rule Team Server EAR and deploy it to the application server:

  1. Execute the ant targets set-extensions and upload-messages of the build.xml.
    1. The set-extensions target is used to modify the Rule Team Server model. In order to manage rule life cycle, we have added the status and commenttstatus properties to the model. See the <INSTALL_DIR>\teamserver\samples\serverrulegovernance\data\model\extensionModel.brmx and extensionModel.brdx files.
    2. The upload-messages target is used to add a label to these properties, displayed in the UI when editing the status or the statuscomment. See the file:
      3. <INSTALL_DIR>\teamserver\samples\serverrulegovernance\data\message\serverrulegovernance_en_US.properties
  2. To deploy the EAR, execute the deploy command of the build.xml.
Configure the target project (loanvalidation-rules)

To configure the target project by executing the run.install command of build.xml:

  1. Connect to Rule Team Server.
  2. Create a group for each possible status value (newGroup, reviewedGroup, THE_STATUS_VALUEGroup) defined in the configuration file.
  3. Create a smart view for each possible status value.
    1. Syntax: Find all business rules such that the status of each business rule is THE_STATUS_VALUE.
    2. Group: THE_STATUS_VALUEGroup.
  4. Create a group for each role defined in the configuration file.
  5. Set the security for the target project to ON.
  6. Assign all created groups to the target project.
  7. Install permission reads from data/permission/ROLE_NAME.permissions.
  8. Sign out of Rule Team Server.
Connect to Rule Team Server

When you start using Rule Team Server, the CustomController class is loaded and it reads the configuration file.

The controller is now ready to manage the rule life cycle, processed as follows.

Rebuilding and Customizing this Sample

To rebuild the sample, you need to compile the sample and modify the configuration file. You can also customize the sample.

To compile the sample, execute the build command in the Samples Console.

To modify the configuration file:

  1. Using a text editor, open the file serverrulegovernance/data/configuration.properties.
    2. The configuration syntax is fully explained in the configuration file.
  2. Update and save the file.
  3. If you have modified roles, status, or user configurations:
    1. In the Samples Console, execute the run.printprofile command to print the application server roles configuration.
    2. Copy/Paste the printed data in \shared\tools\jboss\server\jrulessamples\conf\roles.properties.
    3. Stop the Sample Console and restart it.
  4. In the Samples Console, execute the run command to redeploy and reconfigure Rule Team Server.

To customize the sample:

  1. Modify the configuration file, as described earlier in this section.
  2. To add a role:
    1. Locate the following line: roles = administrator;author;reviewer;deployer;tester
    2. Add the role newrole, as follows: roles = administrator;author;reviewer;deployer;tester;newrole
    3. In the Samples Console, execute the run.generatepermission command to generate default permission templates for all defined roles.
    4. Copy <INSTALL_DIR>/teamserver/samples/serverrulegovernance/newpermissions/newrole.permissions to:
      5. <INSTALL_DIR>/teamserver/samples/serverrulegovernance/data/permission/role.
    5. Remove the /teamserver/samples/serverrulegovernance/newpermissions directory.
    6. Modify the newrole.permission file, as needed.
  3. To add a user newUser with 1 role (newrole):
    1. Locate the line user.XXXXX=YYYYY.
    2. Add the user newUser as follows: user.newUser=newrole.
  4. To add a new status newstatus to the rules:
    1. Locate the line status.property.BusinessRule.status.values = new;defined ...
    2. Add the new status 'newstatus' as follows:
      3. * status.property.BusinessRule.status.values = newstatus;new;defined...
  5. To give a new role named newrole permissions to delete:
    1. Add the following line if you want to grant the delete operation to any status value: BusinessRule.delete.newrole = *
    2. Add the following line if you want to restrict the delete operation to a status value of inactive or newstatus: BusinessRule.delete.reviewer = inactive;newstatus
  6. To define the status for which a property can be updated for a new role named newrole:
    1. Add the following line if you want to allow any property to be updated, regardless of its status: BusinessRule.update.*.newrole = *
    2. Add the following line if you want to allow any property to be updated when its status is new: BusinessRule.update.*.newrole = new
    3. Add the following line if you want to allow a specific property to be updated when its status is newstatus: BusinessRule.update.XXXXX.newrole = newstatus
  7. To define the initial status of a rule as newstatus, change the line transition.BusinessRule.status.initial...' to: transition.BusinessRule.status.initial = newstatus
  8. To define the status transition for a given role (newrole), add the following line for each allowed transaction. Here, the newrole role will be authorized to change the status from new to new, defined, or newstatus: transition.BusinessRule.status.newrole.new = new;defined;newstatus

Related Concepts

Rule Model Extension Schema
Rule Model API

Related Tasks

Defining Common Model Extensions for Rule Studio and Rule Team Server
Using Specific Rule Model Annotations
Implementing the Session Controller
Using the Rule Team Server API

Related Reference

Tables for Extended Features

Related Samples and Tutorials

How to Trigger Notifications when Elements Change in Rule Team Server
Copyright © 1987-2008 ILOG S.A. All rights reserved. Legal terms. Documentation homepage. PREVIOUS NEXT