Context Navigation

accounts.xml @ 5738

Visit:

Last change on this file since 5738 was 5738, checked in by Nicklas Nordborg, 12 years ago

References #1590: Documentation cleanup

Re-orgarnized file/directory structure of documentation to make the paths a little bit shorter.

Property svn:eol-style set to native
Property svn:keywords set to Id

File size: 37.0 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<!DOCTYPE chapter PUBLIC
3	"-//Dawid Weiss//DTD DocBook V3.1-Based Extension for XML and graphics inclusion//EN"
4	"../../../../lib/docbook/preprocess/dweiss-docbook-extensions.dtd">
5	<!--
6	$Id: accounts.xml 5738 2011-09-15 06:53:11Z nicklas $
7
8	Copyright (C) 2007 Peter Johansson, Nicklas Nordborg, Martin Svensson
9
10	This file is part of BASE - BioArray Software Environment.
11	Available at http://base.thep.lu.se/
12
13	BASE is free software; you can redistribute it and/or
14	modify it under the terms of the GNU General Public License
15	as published by the Free Software Foundation; either version 3
16	of the License, or (at your option) any later version.
17
18	BASE is distributed in the hope that it will be useful,
19	but WITHOUT ANY WARRANTY; without even the implied warranty of
20	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21	GNU General Public License for more details.
22
23	You should have received a copy of the GNU General Public License
24	along with BASE. If not, see <http://www.gnu.org/licenses/>.
25	-->
26
27	<chapter id="accounts">
28	<title>Account administration</title>
29
30	<important>
31	<title>Read <link linkend="project_permission"><xref linkend="project_permission" /></link></title>
32	<para>
33	This chapter contains important information about the
34	permission system BASE uses. It is essential that an
35	administrator knows how this works to be able to set up
36	user, groups and roles smoothly.
37	</para>
38	</important>
39
40	<sect1 id="accounts.users">
41	<title>Users administration</title>
42	<para>
43	The user list is accessed with
44	<menuchoice>
45	<guimenu>Administrate</guimenu>
46	<guimenuitem>Users</guimenuitem>
47	</menuchoice>
48	and from here are the users' account and contact information managed.
49	</para>
50
51	<sect2 id="accounts.users.edit">
52	<title>Edit user</title>
53	<para>
54	The pop-up window where information and settings for a user can be edited has three
55	tabs, one for the account related, one with information about the user and one that
56	shows the user's memberships.
57	</para>
58	<sect3 id="accounts.users.edit.properties">
59	<title>Properties</title>
60	<helptext external_id="user.edit" title="Edit user account">
61	<para>These are the properties for a user account.</para>
62	<variablelist>
63	<varlistentry>
64	<term>
65	<guilabel>Name</guilabel>
66	</term>
67	<listitem>
68	<para>
69	The full name of the user that is associated with the account.
70	</para>
71	</listitem>
72	</varlistentry>
73	<varlistentry>
74	<term>
75	<guilabel>Login</guilabel>
76	</term>
77	<listitem>
78	<para>
79	A login name to use when logging in to the account. The login
80	must be unique among all users.
81	</para>
82	</listitem>
83	</varlistentry>
84	<varlistentry>
85	<term>
86	<optional>
87	<guilabel>External ID</guilabel>
88	</optional>
89	</term>
90	<listitem>
91	<para>
92	An id that is used to identify the user outside BASE (optional).
93	If a value is given it must be unique among all users.
94	</para>
95	</listitem>
96	</varlistentry>
97	<varlistentry>
98	<term>
99	<guilabel>New password</guilabel>
100	</term>
101	<listitem>
102	<para>
103	This is used together with the login name to log in to the
104	account. This is a required field for a new user or if the
105	password should be changed. If the field is left empty the
106	password will be unchanged
107	</para>
108	</listitem>
109	</varlistentry>
110	<varlistentry>
111	<term>
112	<guilabel>Retype password</guilabel>
113	</term>
114	<listitem>
115	<para>
116	Retype the password that is written in
117	<guilabel>New password</guilabel>.
118	</para>
119	</listitem>
120	</varlistentry>
121	<varlistentry>
122	<term>
123	<optional>
124	<guilabel>Quota</guilabel>
125	</optional>
126	</term>
127	<listitem>
128	<para>Set disk quota for the account.</para>
129	</listitem>
130	</varlistentry>
131	<varlistentry>
132	<term>
133	<optional>
134	<guilabel>Quota group</guilabel>
135	</optional>
136	</term>
137	<listitem>
138	<para>
139	Set this if the account should belong to a group with specified
140	quota (optional). With this set the user's possibilities to save items to
141	disk will also depend on how much the rest of the group has
142	saved.
143	</para>
144	</listitem>
145	</varlistentry>
146	<varlistentry>
147	<term>
148	<optional>
149	<guilabel>Home directory</guilabel>
150	</optional>
151	</term>
152	<listitem>
153	<para>
154	Set the account's home directory (optional). A new directory, either empty
155	or from a template, can be created if editing a new user. Select
156	<guilabel>- none -</guilabel>
157	if there should not be any home directory associated with the
158	account.
159	</para>
160	</listitem>
161	</varlistentry>
162	<varlistentry>
163	<term>
164	<optional>
165	<guilabel>Expiration date</guilabel>
166	</optional>
167	</term>
168	<listitem>
169	<para>
170	Define a date in this field if the account should expire on a
171	certain day (optional). The account will be disabled after this date.
172	Leave this empty if the account never should expire.
173	<tip>
174	<para>
175	Use the
176	<guibutton>Calendar…</guibutton>
177	button to pick a date from a calendar in a pop-up window.
178	</para>
179	</tip>
180	</para>
181	</listitem>
182	</varlistentry>
183	<varlistentry>
184	<term>
185	<guilabel>Multi-user account</guilabel>
186	</term>
187	<listitem>
188	<para>
189	This checkbox should be checked if the account should be used by
190	more one user. This will prevent the users from changing the
191	password, contact information and other settings. It will
192	also reset all list filters, column configurations, etc.
193	when the user logs out. Normally, these settings are remembered
194	between log ins.
195	</para>
196	</listitem>
197	</varlistentry>
198	<varlistentry>
199	<term>
200	<guilabel>Disabled</guilabel>
201	</term>
202	<listitem>
203	<para>
204	Disable the account.
205	</para>
206	</listitem>
207	</varlistentry>
208	</variablelist>
209	<para>
210	Go to the other tabs if there are any changes to do otherwise press
211	&gbSave;
212	to save the values or
213	&gbCancel;
214	to abort.
215	</para>
216	<seeother>
217	<other external_id="user.edit.contact">Edit contact information</other>
218	<other external_id="user.additional">Edit additional info</other>
219	<other external_id="user.edit.membership">Group and role membership</other>
220	</seeother>
221	</helptext>
222	</sect3>
223
224	<sect3 id="user._administration.users.edit.contact">
225	<title>Contact information</title>
226	<helptext external_id="user.edit.contact" title="Edit user's contact information">
227	<para>
228	Information about how to get in contact with the user that is associated
229	with the account. All fields on this tab are optional and do not necessarily
230	need to have a value but some can be good to set, like email or phone
231	number.
232	</para>
233	<variablelist>
234	<varlistentry>
235	<term>
236	<optional>
237	<guilabel>Email</guilabel>
238	</optional>
239	</term>
240	<listitem>
241	<para>
242	User's email address. There is some verification of the value
243	but there is no check if the email really exists.
244	</para>
245	</listitem>
246	</varlistentry>
247	<varlistentry>
248	<term>
249	<optional>
250	<guilabel>Organization</guilabel>
251	</optional>
252	</term>
253	<listitem>
254	<para>The company or organization that the user works for.</para>
255	</listitem>
256	</varlistentry>
257	<varlistentry>
258	<term>
259	<optional>
260	<guilabel>Address</guilabel>
261	</optional>
262	</term>
263	<listitem>
264	<para>
265	User's mail address. Use the magnifying glass down to the right,
266	to edit this property in a larger window.
267	</para>
268	</listitem>
269	</varlistentry>
270	<varlistentry>
271	<term>
272	<optional>
273	<guilabel>Phone</guilabel>
274	</optional>
275	</term>
276	<listitem>
277	<para>
278	User's phone number(s)
279	<note>
280	<para>
281	There is no special field for mobile phone, but it works
282	fine to put more then one number in this field.
283	</para>
284	</note>
285	</para>
286	</listitem>
287	</varlistentry>
288	<varlistentry>
289	<term>
290	<optional>
291	<guilabel>Fax</guilabel>
292	</optional>
293	</term>
294	<listitem>
295	<para>User's fax number.</para>
296	</listitem>
297	</varlistentry>
298	<varlistentry>
299	<term>
300	<optional>
301	<guilabel>Url</guilabel>
302	</optional>
303	</term>
304	<listitem>
305	<para>A URL that is associated with the user.</para>
306	</listitem>
307	</varlistentry>
308	<varlistentry>
309	<term>
310	<optional>
311	<guilabel>Description</guilabel>
312	</optional>
313	</term>
314	<listitem>
315	<para>
316	Other useful contact information or description about the user
317	can be written in this field. Use the magnifying glass to edit
318	the information in a pop-up window with a larger text-area.
319	</para>
320	</listitem>
321	</varlistentry>
322	</variablelist>
323	<para>
324	Go to the other tabs if there are any changes to do otherwise press
325	&gbSave;
326	to save the values or
327	&gbCancel;
328	to abort.
329	</para>
330	<seeother>
331	<other external_id="user.edit">Edit account</other>
332	<other external_id="user.additional">Edit additional info</other>
333	<other external_id="user.edit.membership">Group and role membership</other>
334	</seeother>
335	</helptext>
336	</sect3>
337
338	<sect3 id="accounts.users.edit.additional">
339	<title>Additional information</title>
340	<helptext external_id="user.edit.additional" title="Additional information">
341	<para>
342	This tab contains fields that hold various information about the user. There are
343	by default two fields in BASE but this could easily be changed by the
344	server administrator. How this configuration is done can be read in
345	<xref linkend="appendix.extendedproperties" />
346	<note>
347	<para>
348	The
349	<guilabel>Additional info</guilabel>
350	tab is only visible if there is one or more property defined for
351	<classname docapi="net.sf.basedb.core.data">UserData</classname>
352	in the configuration file for extended properties.
353	</para>
354	</note>
355
356	These are the fields that are installed with BASE
357	<variablelist>
358	<varlistentry>
359	<term>
360	<guilabel>Mobile</guilabel>
361	</term>
362	<listitem>
363	<para>
364	The user's mobile number could be put in this field. This
365	field could be left empty.
366	</para>
367	</listitem>
368	</varlistentry>
369	<varlistentry>
370	<term>
371	<guilabel>Skype</guilabel>
372	</term>
373	<listitem>
374	<para>
375	Skype contact information, if the user has a registered
376	Skype account. This field could be left empty.
377	</para>
378	</listitem>
379	</varlistentry>
380	</variablelist>
381	</para>
382	<para>
383	Go to the other tabs if there are any changes to do otherwise press
384	&gbSave;
385	to save the values or
386	&gbCancel;
387	to abort.
388	</para>
389	<seeother>
390	<other external_id="user.edit">Edit account</other>
391	<other external_id="user.contact">Edit contact</other>
392	<other external_id="user.edit.membership">Group and role membership</other>
393	</seeother>
394	</helptext>
395	</sect3>
396
397	<sect3 id="accounts.users.edit.membership">
398	<title>Group and role membership</title>
399	<helptext external_id="user.edit.membership" title="Group and role membership">
400	<para>
401	On this tab, the group and role membership of a user can be
402	specified. The membership can also be changed by editing the
403	group and/or role.
404
405	<note>
406	<para>
407	When adding a new user, the user is automatically added
408	as a member to all groups and roles that has been marked
409	as <emphasis>default</emphasis>. In the standard BASE distribution
410	the <emphasis>User</emphasis> role is marked as a default role.
411	</para>
412	</note>
413	</para>
414
415	<variablelist>
416	<varlistentry>
417	<term><guilabel>Member in</guilabel></term>
418	<listitem>
419	<para>
420	Lists the groups and roles the user already is a member of.
421	</para>
422	</listitem>
423	</varlistentry>
424
425	<varlistentry>
426	<term><guilabel>Add groups…</guilabel></term>
427	<listitem>
428	<para>
429	Opens a pop-up window that allows you to select
430	groups. In the pop-up window, mark
431	one or more groups and click on the &gbOk;
432	button. The pop-up window will not list groups that
433	the user already is a member of.
434	</para>
435	</listitem>
436	</varlistentry>
437
438	<varlistentry>
439	<term><guilabel>Add roles…</guilabel></term>
440	<listitem>
441	<para>
442	Opens a pop-up window that allows you to select
443	roles. In the pop-up window, mark
444	one or more roles and click on the &gbOk;
445	button. The pop-up window will not list roles that
446	the user already is a member of.
447	</para>
448	</listitem>
449	</varlistentry>
450
451	<varlistentry>
452	<term><guilabel>Remove</guilabel></term>
453	<listitem>
454	<para>
455	Use this button to remove the user from the selected
456	groups and/or roles. The selected items will then disappear
457	from the list of memberships.
458	</para>
459	</listitem>
460	</varlistentry>
461	</variablelist>
462
463	<para>
464	Go to the other tabs if there are any changes to do otherwise press
465	&gbSave;
466	to save the values or
467	&gbCancel;
468	to abort.
469	</para>
470	<seeother>
471	<other external_id="user.edit">Edit user</other>
472	<other external_id="user.edit.contact">Edit contact information</other>
473	<other external_id="user.additional">Edit additional info</other>
474	<other external_id="user.edit.default_membership">Default group and role membership</other>
475	</seeother>
476	</helptext>
477	</sect3>
478	</sect2>
479
480	<sect2 id="accounts.users.default_membership">
481	<title>Default group and role membership</title>
482
483	<helptext external_id="user.edit.default_membership"
484	title="Default group and role membership">
485	<para>
486	It is possible to automatically let BASE add new users
487	as a member of a pre-defined list of groups and/or roles. This is done
488	by marking those groups and roles as <emphasis>default</emphasis>
489	groups and roles. There are two ways to do this.
490	</para>
491
492	<orderedlist>
493	<listitem>
494	<para>
495	Change the flag in the edit-dialog for each of the groups/roles
496	that you want to assign as default.
497	</para>
498	</listitem>
499
500	<listitem>
501	<para>
502	Use the <guibutton>Default membership</guibutton> button on the
503	<menuchoice>
504	<guimenu>Administrate</guimenu>
505	<guimenuitem>Users</guimenuitem>
506	</menuchoice>
507	page and select groups and roles in a pop-up dialog.
508	The dialog lists all groups and roles that are currently
509	assigned as default. Use the <guibutton>Add groups</guibutton>
510	and <guibutton>Add roles</guibutton> buttons to select more
511	groups and roles. Use the <guibutton>Remove</guibutton> button
512	to remove the selected groups/roles.
513	</para>
514	</listitem>
515	</orderedlist>
516
517	<note>
518	<para>
519	Changing which groups and roles that are the default does not affect
520	existing user accounts. They are only used to assign membership to
521	new users.
522	</para>
523	</note>
524	<seeother>
525	<other external_id="user.edit.membership">Edit user group and role membership</other>
526	</seeother>
527	</helptext>
528	</sect2>
529	</sect1>
530
531	<sect1 id="accounts.groups">
532	<title>Groups administration</title>
533	<para>
534	Groups in BASE are meant to represent the organizational structure of
535	a company or institution. For example, there can be one group for each
536	department and subgroups for the teams in the departments.
537	The group-membership is normally set when the user is added to BASE and
538	should not have to be changed later, except when the company is re-organizing.
539	</para>
540	<para>
541	There is one pre-installed group in BASE, a system group, called Everyone. It is, like
542	the name says, a group in which everyone (all users) are members. The users that are
543	allowed to share to everyone can easily share items to all users by sharing the item to
544	this group.
545	</para>
546
547	<sect2 id="accounts.groups.edit">
548	<title>Edit group</title>
549	<para>
550	The pop-up window where a group can be edited has two tabs,
551	<guilabel>Group</guilabel>
552	and
553	<guilabel>Members</guilabel>.
554	</para>
555	<sect3 id="accounts.groups.edit.properties">
556	<title>Properties</title>
557	<helptext external_id="group.edit" title="Edit group">
558	<variablelist>
559	<varlistentry>
560	<term>
561	<guilabel>Name</guilabel>
562	</term>
563	<listitem>
564	<para>The name of the group.</para>
565	</listitem>
566	</varlistentry>
567	<varlistentry>
568	<term>
569	<guilabel>Default</guilabel>
570	</term>
571	<listitem>
572	<para>
573	Mark this checkbox to let BASE automatically add new users
574	as members to this group.
575	</para>
576	</listitem>
577	</varlistentry>
578	<varlistentry>
579	<term>
580	<guilabel>Hidden members</guilabel>
581	</term>
582	<listitem>
583	<para>
584	Mark this checkbox to create a group with hidden members.
585	This means that a user will not be able to see information about
586	other members in the group, but it is still possible to share items
587	to the group as a whole.
588	</para>
589	</listitem>
590	</varlistentry>
591	<varlistentry>
592	<term>
593	<optional>
594	<guilabel>Description</guilabel>
595	</optional>
596	</term>
597	<listitem>
598	<para>
599	Description about the group. The magnifying glass, down to the
600	right, can be used to open and edit the text in a larger text
601	area.
602	</para>
603	</listitem>
604	</varlistentry>
605	<varlistentry>
606	<term>
607	<optional>
608	<guilabel>Quota</guilabel>
609	</optional>
610	</term>
611	<listitem>
612	<para>
613	With this property it's possible to limit the quota of total
614	disk space for the group members. Select
615	<guilabel>-none-</guilabel>
616	from the drop-down list if the group should not have any quota.
617	There are some presets of quotas that comes with the BASE
618	installation, besides a couple with different size of total disk
619	space there are one called
620	<guilabel>No quota</guilabel>
621	and one with
622	<guilabel>Unlimited quota</guilabel>.
623	Their names speak for them self.
624	</para>
625
626	<note>
627	<para>
628	A user can only take quota from one group, which has
629	to be specified as the <guilabel>Quota group</guilabel>
630	of the user.
631	</para>
632	</note>
633
634	</listitem>
635	</varlistentry>
636	</variablelist>
637	<para>
638	Go to the other tab,
639	<guilabel>Members</guilabel>,
640	if there are any changes to do otherwise use
641	&gbSave;
642	to save the settings or
643	&gbCancel;
644	to abort.
645	</para>
646	<seeother>
647	<other external_id="group.edit.membership">Edit group members</other>
648	<other external_id="user.edit">Edit user</other>
649	</seeother>
650	</helptext>
651	</sect3>
652
653	<sect3 id="accounts.groups.edit.members">
654	<title>Group members</title>
655	<helptext external_id="group.edit.membership" title="Edit group members">
656	<para>
657	A group can have both single users and other groups as members. Group
658	members have access to those items that are shared to the group. Each user
659	in the group has the possibility to share their own items to one or more of
660	the other members or to the whole group.
661	</para>
662
663	<variablelist>
664	<varlistentry>
665	<term><guilabel>Members</guilabel></term>
666	<listitem>
667	<para>
668	Lists the user and groups that are already
669	members of this group.
670	</para>
671	</listitem>
672	</varlistentry>
673
674	<varlistentry>
675	<term><guilabel>Add users…</guilabel></term>
676	<listitem>
677	<para>
678	Opens a pop-up window that allows you to add
679	users to the group. In the pop-up window, mark
680	one or more users and click on the &gbOk;
681	button. The pop-up window will not list users that
682	are already members of the group.
683	</para>
684	</listitem>
685	</varlistentry>
686
687	<varlistentry>
688	<term><guilabel>Add groups…</guilabel></term>
689	<listitem>
690	<para>
691	Opens a pop-up window that allows you to add
692	other groups to the group. In the pop-up window, mark
693	one or more groups and click on the &gbOk;
694	button. The pop-up window will not list groups that
695	are already members of the group.
696	</para>
697	</listitem>
698	</varlistentry>
699
700	<varlistentry>
701	<term><guilabel>Remove</guilabel></term>
702	<listitem>
703	<para>
704	Use this button to remove the selected
705	users and/or groups from this group. The selected items will
706	disappear from the list of memberships.
707	</para>
708	</listitem>
709	</varlistentry>
710
711	</variablelist>
712
713	<para>
714	Go to the other tab if there are any changes to do, otherwise use
715	&gbSave;
716	to save the values or
717	&gbCancel;
718	to abort.
719	</para>
720	<seeother>
721	<other external_id="group.edit">Edit group properties</other>
722	</seeother>
723	</helptext>
724	</sect3>
725	</sect2>
726	</sect1>
727
728	<sect1 id="accounts.roles">
729	<title>Roles administration</title>
730	<para>
731	Roles are meant to represent different kinds of working positions that users can have,
732	like server administrator or regular user just to mention two.
733	Users are normally assigned a role, perhaps more than one, when they are created and
734	registered in BASE.
735	</para>
736
737
738	<sect2 id="accounts.roles.defaultroles">
739	<title>Pre-defined system roles</title>
740	<para>
741	BASE comes with some pre-defined roles. These are configured to cover the
742	normal user roles that can appear. A more detailed description of the different
743	roles and when to use them follows here.
744	</para>
745	<variablelist>
746	<varlistentry>
747	<term>Administrator</term>
748	<listitem>
749	<para>
750	This role gives the user full permission to do everything in BASE and
751	also possibility to share items with the system-group 'Everyone'. Users
752	that are supposed to administrate the server, user accounts, groups etc.
753	should have this role.
754	</para>
755	</listitem>
756	</varlistentry>
757	<varlistentry>
758	<term>Supervisor</term>
759	<listitem>
760	<para>
761	Users that are members of this role has permission to read everything in
762	BASE. This role does not let the members to actually do anything in BASE
763	except read and supervise.
764	</para>
765	</listitem>
766	</varlistentry>
767	<varlistentry>
768	<term>Power user</term>
769	<listitem>
770	<para>
771	This role allows it's members to do some things that an ordinary user
772	not is allowed to. Most things are related to global resources
773	like reporters, the array lims and plug-ins.
774	This role can be proper for those users that are in
775	some kind of leading position over work groups or projects.
776	</para>
777	</listitem>
778	</varlistentry>
779	<varlistentry>
780	<term>User</term>
781	<listitem>
782	<para>
783	A role that is suitable for all ordinary users. This allows the members
784	to do common things in BASE such as creating biomaterials and
785	experiments, uploading raw data and analyse it.
786	</para>
787	</listitem>
788	</varlistentry>
789	<varlistentry>
790	<term>Guest</term>
791	<listitem>
792	<para>
793	This is a role with limited access to create new things. It is useful
794	for those who wants to have peek at the program. It can also be
795	used for someone that is helping out with the analysis of an experiment.
796	</para>
797	</listitem>
798	</varlistentry>
799	<varlistentry>
800	<term>Job agent</term>
801	<listitem>
802	<para>
803	This role is given to the job agents and allows them to read and execute
804	jobs. Job agents always runs the jobs as the user who created the job
805	and therefore it have to be able to act as another user.
806	</para>
807	</listitem>
808	</varlistentry>
809	</variablelist>
810	</sect2>
811
812	<sect2 id="accounts.roles.edit">
813	<title>Edit role</title>
814	<para>
815	Creating a new role or editing the system-roles are something that do not needs to be
816	done very often. The existing roles will normally be enough but there can be some
817	cases when they need to be complemented, either with a new role or with different
818	permissions.
819	</para>
820	<sect3 id="accounts.roles.edit.properties">
821	<title>Properties</title>
822	<helptext external_id="role.edit" title="Edit role">
823
824	<variablelist>
825	<varlistentry>
826	<term>
827	<guilabel>Name</guilabel>
828	</term>
829	<listitem>
830	<para>The name of the role.</para>
831	</listitem>
832	</varlistentry>
833	<varlistentry>
834	<term>
835	<guilabel>Share to Everyone</guilabel>
836	</term>
837	<listitem>
838	<para>
839	Allows the user to share items to the
840	system-group 'Everyone'.
841	</para>
842	</listitem>
843	</varlistentry>
844
845	<varlistentry>
846	<term><guilabel>Act as another user</guilabel></term>
847	<listitem>
848	<para>
849	Allows the user to login as another user without
850	knowing the password. This is used by job agents
851	to make it possible for them to execute a plug-in
852	as the user that created the job. This permission
853	will also make it possible to switch user in the web
854	interface. It can be useful for an administrator who
855	needs to check out a problem, but use this permission
856	with care.
857	</para>
858	</listitem>
859	</varlistentry>
860
861	<varlistentry>
862	<term>
863	<guilabel>Select job agent for jobs</guilabel>
864	</term>
865	<listitem>
866	<para>
867	Allows the user to select a specific job agent when running jobs.
868	Users without this permission will always have a randomly selected
869	job agent.
870	</para>
871	</listitem>
872	</varlistentry>
873
874	<varlistentry>
875	<term>
876	<guilabel>Default</guilabel>
877	</term>
878	<listitem>
879	<para>
880	Mark this checkbox to let BASE automatically add new users
881	as members to the role.
882	</para>
883	</listitem>
884	</varlistentry>
885	<varlistentry>
886	<term>
887	<guilabel>Description</guilabel>
888	</term>
889	<listitem>
890	<para>Description and information about the role.</para>
891	</listitem>
892	</varlistentry>
893	</variablelist>
894	<para>
895	Set the properties and proceed then to either one of the other tabs or by
896	clicking on one of the buttons:
897	&gbSave;
898	to save the changes or
899	&gbCancel;
900	to abort.
901	</para>
902	<seeother>
903	<other external_id="role.edit.permissions">Role permissions</other>
904	<other external_id="role.edit.members">Role members</other>
905	</seeother>
906	</helptext>
907	</sect3>
908
909	<sect3 id="accounts.roles.edit.permissions">
910	<title>Permissions</title>
911	<helptext external_id="role.edit.permissions" title="Edit role permissions">
912	<para>
913	A role's permissions are defined for each item type within BASE. Set the
914	role's permission on an item type by first selecting the item(s) in the list
915	and then tick those permissions that should be applied. Not all permissions
916	can be applied to every item type, that's why permission check-boxes becomes
917	disabled when selecting some of the item types
918	</para>
919	<para>
920	After each item type in the list is a string inside square brackets that
921	shows what kind of permissions the current role has on that particular item
922	type. The permissions that do not have been set are represented with '-'
923	inside the square brackets and those which have been set are represented
924	with characters that are listed below.
925	</para>
926	<itemizedlist>
927	<listitem>
928	<simpara>
929	<guilabel>DENIED</guilabel>
930	= Deny access to the selected item type. This exclude all the other
931	permissions by unchecking the other check boxes.
932	</simpara>
933	</listitem>
934	<listitem>
935	<simpara>
936	<guilabel>C</guilabel>
937	= Create
938	</simpara>
939	</listitem>
940	<listitem>
941	<simpara>
942	<guilabel>R</guilabel>
943	= Read
944	</simpara>
945	</listitem>
946	<listitem>
947	<simpara>
948	<guilabel>U</guilabel>
949	= Use
950	</simpara>
951	</listitem>
952	<listitem>
953	<simpara>
954	<guilabel>W</guilabel>
955	= Write
956	</simpara>
957	</listitem>
958	<listitem>
959	<simpara>
960	<guilabel>D</guilabel>
961	= Delete
962	</simpara>
963	</listitem>
964	<listitem>
965	<simpara>
966	<guilabel>O</guilabel>
967	= Set owner
968	</simpara>
969	</listitem>
970	<listitem>
971	<simpara>
972	<guilabel>P</guilabel>
973	= Set permission
974	</simpara>
975	</listitem>
976	</itemizedlist>
977	<para>
978	Set the role's permission on each one of the item types and proceed then to
979	one of the other tabs or click on
980	&gbSave;
981	to save the changes or
982	&gbCancel;
983	to abort.
984	</para>
985	<seeother>
986	<other external_id="role.edit">Edit properties</other>
987	<other external_id="role.edit.members">Role members</other>
988	</seeother>
989	</helptext>
990	</sect3>
991
992	<sect3 id="accounts.roles.edit.members">
993	<title>Members</title>
994	<helptext external_id="role.edit.members" title="Role members">
995
996	<variablelist>
997	<varlistentry>
998	<term><guilabel>Members</guilabel></term>
999	<listitem>
1000	<para>
1001	Users that are members of a role are listed in the list-box located on this
1002	tab.
1003	</para>
1004	</listitem>
1005	</varlistentry>
1006	<varlistentry>
1007	<term><guibutton>Add users</guibutton></term>
1008	<listitem>
1009	<para>
1010	Select the users that should be added from the list in the
1011	pop-up window. Click on the
1012	&gbOk;
1013	button to close the pop-up window and add the selected users.
1014	</para>
1015	</listitem>
1016	</varlistentry>
1017	<varlistentry>
1018	<term>Remove</term>
1019	<listitem>
1020	<para>
1021	Removes the selected users from the role.
1022	</para>
1023	</listitem>
1024	</varlistentry>
1025	</variablelist>
1026	<para>
1027	Press
1028	&gbSave;
1029	to save the role or go to one of the other tabs if there are more that needs
1030	to be set. Use
1031	&gbClose;
1032	to abort and close the window without saving the changes.
1033	</para>
1034	<seeother>
1035	<other external_id="role.edit">Edit properties</other>
1036	<other external_id="role.edit.permissions">Role permissions</other>
1037	</seeother>
1038	</helptext>
1039	</sect3>
1040	</sect2>
1041	</sect1>
1042
1043	<sect1 id="accounts.quota">
1044	<title>Disk space/quota</title>
1045	<para>
1046	The administrator can control the maximum size of disk space for users and groups.
1047	A user must be assigned a quota of their own and may optionally have a group
1048	quota as well. If so, the most restrictive quota is checked whenever the user
1049	tries to do something that counts as disk-consuming, for example uploading a file.
1050	</para>
1051
1052	<note>
1053	<para>
1054	The quota is checked before an operation, which is allowed to continue if there
1055	is space left. For example, even if you have only one byte left of disk space
1056	you are allowed to upload a 10MB file.
1057	</para>
1058	</note>
1059
1060	<para>
1061	Read
1062	<xref linkend="accounts.users.edit" />
1063	and <xref linkend="accounts.groups.edit" />
1064	for information about how to set a quota for a user and
1065	group.
1066	</para>
1067	<para>
1068	The list of quotas in BASE can be found by using the menu
1069	<menuchoice>
1070	<guimenu>Administrate</guimenu>
1071	<guimenuitem>Quota</guimenuitem>
1072	</menuchoice>.
1073	</para>
1074
1075	<sect2 id="accounts.quota.edit">
1076	<title>Edit quota</title>
1077	<para>
1078	The edit window has two tabs, one with information about the quota and one where the
1079	limits are defined.
1080	</para>
1081	<sect3 id="accounts.quota.edit.properties">
1082	<title>Properties</title>
1083	<helptext external_id="quota.edit" title="Edit properties">
1084	<variablelist>
1085	<varlistentry>
1086	<term>
1087	<guilabel>Name</guilabel>
1088	</term>
1089	<listitem>
1090	<para>Name of the quota.</para>
1091	</listitem>
1092	</varlistentry>
1093	<varlistentry>
1094	<term>
1095	<optional>
1096	<guilabel>Description</guilabel>
1097	</optional>
1098	</term>
1099	<listitem>
1100	<para>
1101	Description of the quota. It could be a good idea to
1102	describe the quota's details here. Use the magnifying glass to
1103	edit the text in a larger text area.
1104	</para>
1105	</listitem>
1106	</varlistentry>
1107	</variablelist>
1108	<para>
1109	Go to the other tab if there are values that have not been set. Otherwise use
1110	&gbSave;
1111	to save the settings or
1112	&gbCancel;
1113	to abort.
1114	</para>
1115	</helptext>
1116	</sect3>
1117
1118	<sect3 id="accounts.quota.edit.values">
1119	<title>Values</title>
1120	<helptext external_id="quota.edit.values" title="Edit quota values">
1121	<para>
1122	The quota values are defined here, both for the primary location and the
1123	secondary location. Use the check box to the right of the input fields to
1124	set unlimited quota. You can use the abbreviations
1125	<abbrev>kb</abbrev>, <abbrev>Mb</abbrev> and <abbrev>Gb</abbrev>
1126	to specify the quota values.
1127	</para>
1128	<variablelist>
1129	<varlistentry>
1130	<term>
1131	<guilabel>Total</guilabel>
1132	</term>
1133	<listitem>
1134	<para>
1135	Limit of total quota. The sum of the other three quotas does not
1136	have to be the same as this, it is always the most restricted
1137	value that is used.
1138	</para>
1139	</listitem>
1140	</varlistentry>
1141	<varlistentry>
1142	<term>
1143	<optional>
1144	<guilabel>Files</guilabel>
1145	</optional>
1146	</term>
1147	<listitem>
1148	<para>Limit of disk space to save files in.</para>
1149	</listitem>
1150	</varlistentry>
1151	<varlistentry>
1152	<term>
1153	<optional>
1154	<guilabel>Raw data</guilabel>
1155	</optional>
1156	</term>
1157	<listitem>
1158	<para>Limit of disk space to save raw data in.</para>
1159	</listitem>
1160	</varlistentry>
1161	<varlistentry>
1162	<term>
1163	<optional>
1164	<guilabel>Experiments</guilabel>
1165	</optional>
1166	</term>
1167	<listitem>
1168	<para>
1169	Limit of disk space that can be used by experiments.
1170	</para>
1171	</listitem>
1172	</varlistentry>
1173	</variablelist>
1174	<para>
1175	When everything have been set the quota is saved by using
1176	&gbSave;. To discard changes use
1177	&gbCancel;.
1178	</para>
1179	</helptext>
1180	</sect3>
1181	</sect2>
1182
1183	<sect2 id="accounts.quota.diskusage">
1184	<title>Disk usage</title>
1185
1186	<para>
1187	Go to
1188	<menuchoice>
1189	<guimenu>Administrate</guimenu>
1190	<guimenuitem>Disk usage</guimenuitem>
1191	</menuchoice>
1192	if you want to get statistics about how the disk
1193	is used. There are three tabs:
1194	</para>
1195
1196	<variablelist>
1197	<varlistentry>
1198	<term><guilabel>Overview</guilabel></term>
1199	<listitem>
1200	<para>
1201	Gives an overview of the total disk usage.
1202	It is divided per location and quota type.
1203	</para>
1204	</listitem>
1205	</varlistentry>
1206
1207	<varlistentry>
1208	<term><guilabel>Per user</guilabel></term>
1209	<listitem>
1210	<para>
1211	Gives an overview of the disk usage
1212	per user. For each user you can get a summary
1213	displaying the total disk usage and
1214	divided per location and quota type.
1215	Use the <guilabel>View details</guilabel>
1216	link to list all items that uses up disk space.
1217	The list displays the name and type of each item
1218	and the amount of disk space it uses.
1219	</para>
1220	</listitem>
1221	</varlistentry>
1222
1223	<varlistentry>
1224	<term><guilabel>Per group</guilabel></term>
1225	<listitem>
1226	<para>
1227	Gives an overview of the disk usage
1228	per group, with the same functionality
1229	as the per user overview.
1230	</para>
1231	</listitem>
1232	</varlistentry>
1233	</variablelist>
1234
1235	</sect2>
1236
1237	</sect1>
1238	</chapter>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/doc/src/docbook/admin/accounts.xml @ 5738

Download in other formats: