Context Navigation

source: trunk/doc/src/docbook/admindoc/user_administration.xml @ 4477

Visit:

Last change on this file since 4477 was 4477, checked in by Jari Häkkinen, 15 years ago
Addresses #1106. Moving to GPLv3 in chunked commits.
Property svn:eol-style set to `native` Property svn:keywords set to `Id`
File size: 37.0 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<!DOCTYPE chapter PUBLIC
3	"-//Dawid Weiss//DTD DocBook V3.1-Based Extension for XML and graphics inclusion//EN"
4	"../../../../lib/docbook/preprocess/dweiss-docbook-extensions.dtd">
5	<!--
6	$Id: user_administration.xml 4477 2008-09-05 15:15:25Z jari $
7
8	Copyright (C) 2007 Peter Johansson, Nicklas Nordborg, Martin Svensson
9
10	This file is part of BASE - BioArray Software Environment.
11	Available at http://base.thep.lu.se/
12
13	BASE is free software; you can redistribute it and/or
14	modify it under the terms of the GNU General Public License
15	as published by the Free Software Foundation; either version 3
16	of the License, or (at your option) any later version.
17
18	BASE is distributed in the hope that it will be useful,
19	but WITHOUT ANY WARRANTY; without even the implied warranty of
20	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21	GNU General Public License for more details.
22
23	You should have received a copy of the GNU General Public License
24	along with this program; if not, write to the Free Software
25	Foundation, Inc., 59 Temple Place - Suite 330,
26	Boston, MA 02111-1307, USA.
27	-->
28
29	<chapter id="user_administration">
30	<?dbhtml dir="user_administration"?>
31	<title>Account administration</title>
32
33	<important>
34	<title>Read <link linkend="project_permission"><xref linkend="project_permission" /></link></title>
35	<para>
36	This chapter contains importants information about the
37	permission system BASE uses. It is essential that an
38	administrator knows how this works to be able to set up
39	user, groups and roles smoothly.
40	</para>
41	</important>
42
43	<sect1 id="user_administration.users">
44	<title>Users administration</title>
45	<para>
46	The user list is accessed with
47	<menuchoice>
48	<guimenu>Administrate</guimenu>
49	<guimenuitem>Users</guimenuitem>
50	</menuchoice>
51	and from here are the users' account and contact information managed.
52	</para>
53
54	<sect2 id="user_administration.users.edit">
55	<title>Edit user</title>
56	<para>
57	The pop-up window where information and settings for a user can be edited has three
58	tabs, one for the account related, one with information about the user and one that
59	shows the user's memberships.
60	</para>
61	<sect3 id="user_administration.users.edit.properties">
62	<title>Properties</title>
63	<helptext external_id="user.edit" title="Edit user account">
64	<para>These are the properties for a user account.</para>
65	<variablelist>
66	<varlistentry>
67	<term>
68	<guilabel>Name</guilabel>
69	</term>
70	<listitem>
71	<para>
72	The full name of the user that is associated with the account.
73	</para>
74	</listitem>
75	</varlistentry>
76	<varlistentry>
77	<term>
78	<guilabel>Login</guilabel>
79	</term>
80	<listitem>
81	<para>
82	A login name to use when logging in to the account. The login
83	must be unique among all users.
84	</para>
85	</listitem>
86	</varlistentry>
87	<varlistentry>
88	<term>
89	<optional>
90	<guilabel>External ID</guilabel>
91	</optional>
92	</term>
93	<listitem>
94	<para>
95	An id that is used to identify the user outside BASE (optional).
96	If a valus is given it must be unique among all users.
97	</para>
98	</listitem>
99	</varlistentry>
100	<varlistentry>
101	<term>
102	<guilabel>New password</guilabel>
103	</term>
104	<listitem>
105	<para>
106	This is used together with the login name to log in to the
107	account. This is a required field for a new user or if the
108	password should be changed. If the field is left empty the
109	password will be unchanged
110	</para>
111	</listitem>
112	</varlistentry>
113	<varlistentry>
114	<term>
115	<guilabel>Retype password</guilabel>
116	</term>
117	<listitem>
118	<para>
119	Retype the password that is written in
120	<guilabel>New password</guilabel>.
121	</para>
122	</listitem>
123	</varlistentry>
124	<varlistentry>
125	<term>
126	<optional>
127	<guilabel>Quota</guilabel>
128	</optional>
129	</term>
130	<listitem>
131	<para>Set disk quota for the account.</para>
132	</listitem>
133	</varlistentry>
134	<varlistentry>
135	<term>
136	<optional>
137	<guilabel>Quota group</guilabel>
138	</optional>
139	</term>
140	<listitem>
141	<para>
142	Set this if the account should belong to a group with specified
143	quota (optional). With this set the user's possibilities to save items to
144	disk will also depend on how much the rest of the group has
145	saved.
146	</para>
147	</listitem>
148	</varlistentry>
149	<varlistentry>
150	<term>
151	<optional>
152	<guilabel>Home directory</guilabel>
153	</optional>
154	</term>
155	<listitem>
156	<para>
157	Set the account's home directory (optional). A new directory, either empty
158	or from a template, can be created if editing a new user. Select
159	<guilabel>- none -</guilabel>
160	if there should not be any home directory asocciated with the
161	account.
162	</para>
163	</listitem>
164	</varlistentry>
165	<varlistentry>
166	<term>
167	<optional>
168	<guilabel>Expiration date</guilabel>
169	</optional>
170	</term>
171	<listitem>
172	<para>
173	Define a date in this field if the account should expire on a
174	certain day (optional). The account will be disabled after this date.
175	Leave this empty if the account never should expire.
176	<tip>
177	<para>
178	Use the
179	<guibutton>Calendar…</guibutton>
180	button to pick a date from a calendar in a pop-up window.
181	</para>
182	</tip>
183	</para>
184	</listitem>
185	</varlistentry>
186	<varlistentry>
187	<term>
188	<guilabel>Multi-user account</guilabel>
189	</term>
190	<listitem>
191	<para>
192	This checkbox should be checked if the account should be used by
193	more one user. This will prevent the users from changing the
194	password, contact information and other settings. It will
195	also reset all list filters, column configurations, etc.
196	when the user logs out. Normally, these settings are rememembered
197	between logins.
198	</para>
199	</listitem>
200	</varlistentry>
201	<varlistentry>
202	<term>
203	<guilabel>Disabled</guilabel>
204	</term>
205	<listitem>
206	<para>
207	Disable the account.
208	</para>
209	</listitem>
210	</varlistentry>
211	</variablelist>
212	<para>
213	Go to the other tabs if there are any changes to do otherwise press
214	&gbSave;
215	to save the values or
216	&gbCancel;
217	to abort.
218	</para>
219	<seeother>
220	<other external_id="user.edit.contact">Edit contact information</other>
221	<other external_id="user.additional">Edit additional info</other>
222	<other external_id="user.edit.membership">Group and role membership</other>
223	</seeother>
224	</helptext>
225	</sect3>
226
227	<sect3 id="user._administration.users.edit.contact">
228	<title>Contact information</title>
229	<helptext external_id="user.edit.contact" title="Edit user's contact information">
230	<para>
231	Information about how to get in contact with the user that is asocciated
232	with the account. All fields on this tab are optional and do not necessarily
233	need to have a value but some can be good to set, like email or phone
234	number.
235	</para>
236	<variablelist>
237	<varlistentry>
238	<term>
239	<optional>
240	<guilabel>Email</guilabel>
241	</optional>
242	</term>
243	<listitem>
244	<para>
245	User's email address. There is some verification of the value
246	but there is no check if the email really exists.
247	</para>
248	</listitem>
249	</varlistentry>
250	<varlistentry>
251	<term>
252	<optional>
253	<guilabel>Organization</guilabel>
254	</optional>
255	</term>
256	<listitem>
257	<para>The company or organization that the user works for.</para>
258	</listitem>
259	</varlistentry>
260	<varlistentry>
261	<term>
262	<optional>
263	<guilabel>Address</guilabel>
264	</optional>
265	</term>
266	<listitem>
267	<para>
268	User's mail address. Use the magnifying glass down to the right,
269	to edit this property in a larger window.
270	</para>
271	</listitem>
272	</varlistentry>
273	<varlistentry>
274	<term>
275	<optional>
276	<guilabel>Phone</guilabel>
277	</optional>
278	</term>
279	<listitem>
280	<para>
281	User's phone number(s)
282	<note>
283	<para>
284	There is no special field for mobile phone, but it works
285	fine to put more then one number in this field.
286	</para>
287	</note>
288	</para>
289	</listitem>
290	</varlistentry>
291	<varlistentry>
292	<term>
293	<optional>
294	<guilabel>Fax</guilabel>
295	</optional>
296	</term>
297	<listitem>
298	<para>User's fax number.</para>
299	</listitem>
300	</varlistentry>
301	<varlistentry>
302	<term>
303	<optional>
304	<guilabel>Url</guilabel>
305	</optional>
306	</term>
307	<listitem>
308	<para>A URL that is associated with the user.</para>
309	</listitem>
310	</varlistentry>
311	<varlistentry>
312	<term>
313	<optional>
314	<guilabel>Description</guilabel>
315	</optional>
316	</term>
317	<listitem>
318	<para>
319	Other useful contact information or description about the user
320	can be written in this field. Use the magnifying glass to edit
321	the information in a pop-up window with a larger text-area.
322	</para>
323	</listitem>
324	</varlistentry>
325	</variablelist>
326	<para>
327	Go to the other tabs if there are any changes to do otherwise press
328	&gbSave;
329	to save the values or
330	&gbCancel;
331	to abort.
332	</para>
333	<seeother>
334	<other external_id="user.edit">Edit account</other>
335	<other external_id="user.additional">Edit additional info</other>
336	<other external_id="user.edit.membership">Group and role membership</other>
337	</seeother>
338	</helptext>
339	</sect3>
340
341	<sect3 id="user_administration.users.edit.additional">
342	<title>Additional information</title>
343	<helptext external_id="user.edit.additional" title="Additional information">
344	<para>
345	This tab contains fields that hold various information about the user. There are
346	by default two fields in BASE2 but this could easily be changed by the
347	server administrator. How this configuration is done can be read in
348	<xref linkend="appendix.extendedproperties" />
349	<note>
350	<para>
351	The
352	<guilabel>Additional info</guilabel>
353	tab is only visible if there is one or more property defined for
354	<classname docapi="net.sf.basedb.core.data">UserData</classname>
355	in the configuration file for extended properties.
356	</para>
357	</note>
358
359	These are the fields that are installed with BASE2
360	<variablelist>
361	<varlistentry>
362	<term>
363	<guilabel>Mobile</guilabel>
364	</term>
365	<listitem>
366	<para>
367	The user's mobile number could be put in this field. This
368	field could be left empty.
369	</para>
370	</listitem>
371	</varlistentry>
372	<varlistentry>
373	<term>
374	<guilabel>Skype</guilabel>
375	</term>
376	<listitem>
377	<para>
378	Skype contact information, if the user has a registered
379	skype account. This field could be left empty.
380	</para>
381	</listitem>
382	</varlistentry>
383	</variablelist>
384	</para>
385	<para>
386	Go to the other tabs if there are any changes to do otherwise press
387	&gbSave;
388	to save the values or
389	&gbCancel;
390	to abort.
391	</para>
392	<seeother>
393	<other external_id="user.edit">Edit account</other>
394	<other external_id="user.contact">Edit contact</other>
395	<other external_id="user.edit.membership">Group and role membership</other>
396	</seeother>
397	</helptext>
398	</sect3>
399
400	<sect3 id="user_administration.users.edit.membership">
401	<title>Group and role membership</title>
402	<helptext external_id="user.edit.membership" title="Group and role membership">
403	<para>
404	On this tab, the group and role membership of a user can be
405	specified. The membership can also be changed by editing the
406	group and/or role.
407
408	<note>
409	<para>
410	When adding a new user, the user is automatically added
411	as a member to all groups and roles that has been marked
412	as <emphasis>default</emphasis>. In the standard BASE distribution
413	the <emphasis>User</emphasis> role is marked as a default role.
414	</para>
415	</note>
416	</para>
417
418	<variablelist>
419	<varlistentry>
420	<term><guilabel>Member in</guilabel></term>
421	<listitem>
422	<para>
423	Lists the groups and roles the user already is a member of.
424	</para>
425	</listitem>
426	</varlistentry>
427
428	<varlistentry>
429	<term><guilabel>Add groups…</guilabel></term>
430	<listitem>
431	<para>
432	Opens a popup window that allows you to select
433	groups. In the popup window, mark
434	one or more groups and click on the &gbOk;
435	button. The popup window will not list groups that
436	the user already is a member of.
437	</para>
438	</listitem>
439	</varlistentry>
440
441	<varlistentry>
442	<term><guilabel>Add roles…</guilabel></term>
443	<listitem>
444	<para>
445	Opens a popup window that allows you to select
446	roles. In the popup window, mark
447	one or more roles and click on the &gbOk;
448	button. The popup window will not list roles that
449	the user already is a member of.
450	</para>
451	</listitem>
452	</varlistentry>
453
454	<varlistentry>
455	<term><guilabel>Remove</guilabel></term>
456	<listitem>
457	<para>
458	Use this button to remove the user from the selected
459	groups and/or roles. The selected items will then disappear
460	from the list of memberships.
461	</para>
462	</listitem>
463	</varlistentry>
464	</variablelist>
465
466	<para>
467	Go to the other tabs if there are any changes to do otherwise press
468	&gbSave;
469	to save the values or
470	&gbCancel;
471	to abort.
472	</para>
473	<seeother>
474	<other external_id="user.edit">Edit user</other>
475	<other external_id="user.edit.contact">Edit contact information</other>
476	<other external_id="user.additional">Edit additional info</other>
477	<other external_id="user.edit.default_membership">Default group and role membership</other>
478	</seeother>
479	</helptext>
480	</sect3>
481	</sect2>
482
483	<sect2 id="user_administration.users.default_membership">
484	<title>Default group and role membership</title>
485
486	<helptext external_id="user.edit.default_membership"
487	title="Default group and role membership">
488	<para>
489	It is possible to automatically let BASE add new users
490	as a member of a pre-defined list of groups and/or roles. This is done
491	by marking those groups and roles as <emphasis>default</emphasis>
492	groups and roles. There are two ways to do this.
493	</para>
494
495	<orderedlist>
496	<listitem>
497	<para>
498	Change the flag in the edit-dialog for each of the groups/roles
499	that you want to assign as default.
500	</para>
501	</listitem>
502
503	<listitem>
504	<para>
505	Use the <guibutton>Default membership</guibutton> button on the
506	<menuchoice>
507	<guimenu>Administrate</guimenu>
508	<guimenuitem>Users</guimenuitem>
509	</menuchoice>
510	page and select groups and roles in a popup dialog.
511	The dialog lists all groups and roles that are currently
512	assigned as default. Use the <guibutton>Add groups</guibutton>
513	and <guibutton>Add roles</guibutton> buttons to select more
514	groups and roles. Use the <guibutton>Remove</guibutton> button
515	to remove the selected groups/roles.
516	</para>
517	</listitem>
518	</orderedlist>
519
520	<note>
521	<para>
522	Changing which groups and roles that are the default does not affect
523	existing user accounts. They are only used to assign membership to
524	new users.
525	</para>
526	</note>
527	<seeother>
528	<other external_id="user.edit.membership">Edit user group and role membership</other>
529	</seeother>
530	</helptext>
531	</sect2>
532	</sect1>
533
534	<sect1 id="user_administration.groups">
535	<title>Groups administration</title>
536	<para>
537	Groups in BASE are meant to represent the organizational structure of
538	a company or instituion. For example, there can be one group for each
539	department and subgroups for the teams in the departments.
540	The group-membership is normally set when the user is added to BASE and
541	should not have to be changed later, except when the company is re-organizing.
542	</para>
543	<para>
544	There is one pre-installed group in BASE, a system group, called Everyone. It is, like
545	the name says, a group in which everyone (all users) are members. The users that are
546	allowed to share to everyone can easily share items to all users by sharing the item to
547	this group.
548	</para>
549
550	<sect2 id="user_administration.groups.edit">
551	<title>Edit group</title>
552	<para>
553	The pop-up window where a group can be edited has two tabs,
554	<guilabel>Group</guilabel>
555	and
556	<guilabel>Members</guilabel>.
557	</para>
558	<sect3 id="user_administration.groups.edit.properties">
559	<title>Properties</title>
560	<helptext external_id="group.edit" title="Edit group">
561	<variablelist>
562	<varlistentry>
563	<term>
564	<guilabel>Name</guilabel>
565	</term>
566	<listitem>
567	<para>The name of the group.</para>
568	</listitem>
569	</varlistentry>
570	<varlistentry>
571	<term>
572	<guilabel>Default</guilabel>
573	</term>
574	<listitem>
575	<para>
576	Mark this checkbox to let BASE automatically add new users
577	as members to this group.
578	</para>
579	</listitem>
580	</varlistentry>
581	<varlistentry>
582	<term>
583	<optional>
584	<guilabel>Description</guilabel>
585	</optional>
586	</term>
587	<listitem>
588	<para>
589	Description about the group. The magnifying glass, down to the
590	right, can be used to open and edit the text in a larger text
591	area.
592	</para>
593	</listitem>
594	</varlistentry>
595	<varlistentry>
596	<term>
597	<optional>
598	<guilabel>Quota</guilabel>
599	</optional>
600	</term>
601	<listitem>
602	<para>
603	With this property it's possible to limit the quota of total
604	disk space for the group members. Select
605	<guilabel>-none-</guilabel>
606	from the drop-down list if the group should not have any quota.
607	There are some presets of quotas that comes with the BASE2
608	installation, besides a couple with different size of total disk
609	space there are one called
610	<guilabel>No quota</guilabel>
611	and one with
612	<guilabel>Unlimited quota</guilabel>.
613	Their names speak for them self.
614	</para>
615
616	<note>
617	<para>
618	A user can only take quota from one group, which has
619	to be specified as the <guilabel>Quota group</guilabel>
620	of the user.
621	</para>
622	</note>
623
624	</listitem>
625	</varlistentry>
626	</variablelist>
627	<para>
628	Go to the other tab,
629	<guilabel>Members</guilabel>,
630	if there are any changes to do otherwise use
631	&gbSave;
632	to save the settings or
633	&gbCancel;
634	to abort.
635	</para>
636	<seeother>
637	<other external_id="group.edit.membership">Edit group members</other>
638	<other external_id="user.edit">Edit user</other>
639	</seeother>
640	</helptext>
641	</sect3>
642
643	<sect3 id="user_administration.groups.edit.members">
644	<title>Group members</title>
645	<helptext external_id="group.edit.membership" title="Edit group members">
646	<para>
647	A group can have both single users and other groups as members. Group
648	members have access to those items that are shared to the group. Each user
649	in the group has the possibility to share their own items to one or more of
650	the other members or to the whole group.
651	</para>
652
653	<variablelist>
654	<varlistentry>
655	<term><guilabel>Members</guilabel></term>
656	<listitem>
657	<para>
658	Lists the user and groups that are already
659	members of this group.
660	</para>
661	</listitem>
662	</varlistentry>
663
664	<varlistentry>
665	<term><guilabel>Add users…</guilabel></term>
666	<listitem>
667	<para>
668	Opens a popup window that allows you to add
669	users to the group. In the popup window, mark
670	one or more users and click on the &gbOk;
671	button. The popup window will not list users that
672	are already members of the group.
673	</para>
674	</listitem>
675	</varlistentry>
676
677	<varlistentry>
678	<term><guilabel>Add groups…</guilabel></term>
679	<listitem>
680	<para>
681	Opens a popup window that allows you to add
682	other groups to the group. In the popup window, mark
683	one or more groups and click on the &gbOk;
684	button. The popup window will not list groups that
685	are already members of the group.
686	</para>
687	</listitem>
688	</varlistentry>
689
690	<varlistentry>
691	<term><guilabel>Remove</guilabel></term>
692	<listitem>
693	<para>
694	Use this button to remove the selected
695	users and/or groups from this group. The selected items will
696	disappear from the list of memberships.
697	</para>
698	</listitem>
699	</varlistentry>
700
701	</variablelist>
702
703	<para>
704	Go to the other tab if there are any changes to do, otherwise use
705	&gbSave;
706	to save the values or
707	&gbCancel;
708	to abort.
709	</para>
710	<seeother>
711	<other external_id="group.edit">Edit group properties</other>
712	</seeother>
713	</helptext>
714	</sect3>
715	</sect2>
716	</sect1>
717
718	<sect1 id="user_administration.roles">
719	<title>Roles administration</title>
720	<para>
721	Roles are meant to represent different kinds of working positions that users can have,
722	like server administrator or regular user just to mention two.
723	Users are normally assigned a role, perhaps more than one, when they are created and
724	registered in BASE.
725	</para>
726
727
728	<sect2 id="user_administration.roles.defaultroles">
729	<title>Pre-defined system roles</title>
730	<para>
731	BASE comes with some pre-defined roles. These are configured to cover the
732	normal user roles that can appear. A more detailed description of the different
733	roles and when to use them follows here.
734	</para>
735	<variablelist>
736	<varlistentry>
737	<term>Administrator</term>
738	<listitem>
739	<para>
740	This role gives the user full permission to do everything in BASE and
741	also possibility to share items with the system-group 'Everyone'. Users
742	that are supposed to administrate the server, user accounts, groups etc.
743	should have this role.
744	</para>
745	</listitem>
746	</varlistentry>
747	<varlistentry>
748	<term>Supervisor</term>
749	<listitem>
750	<para>
751	Users that are members of this role has permission to read everything in
752	BASE. This role does not let the members to actually do anything in BASE
753	except read and supervise.
754	</para>
755	</listitem>
756	</varlistentry>
757	<varlistentry>
758	<term>Power user</term>
759	<listitem>
760	<para>
761	This role allows it's members to do some things that an ordinary user
762	not is allowed to. Most things are related to global resources
763	like reporters, the array lims and plug-ins.
764	This role can be proper for those users that are in
765	some kind of leading position over workgroups or projects.
766	</para>
767	</listitem>
768	</varlistentry>
769	<varlistentry>
770	<term>User</term>
771	<listitem>
772	<para>
773	A role that is suitable for all ordinary users. This allows the members
774	to do common things in BASE such as creating biomaterials and
775	experiments, uploading raw data and analyse it.
776	</para>
777	</listitem>
778	</varlistentry>
779	<varlistentry>
780	<term>Guest</term>
781	<listitem>
782	<para>
783	This is a role with limited access to create new things. It is useful
784	for those who wants to have peek at the program. It can also be
785	used for someone that is helping out with the analysis of an experiment.
786	</para>
787	</listitem>
788	</varlistentry>
789	<varlistentry>
790	<term>Job agent</term>
791	<listitem>
792	<para>
793	This role is given to the job agents and allows them to read and execute
794	jobs. Job agents always runs the jobs as the user who created the job
795	and therefore it have to be able to act as another user.
796	</para>
797	</listitem>
798	</varlistentry>
799	</variablelist>
800	</sect2>
801
802	<sect2 id="user_administration.roles.edit">
803	<title>Edit role</title>
804	<para>
805	Creating a new role or editing the system-roles are something that do not needs to be
806	done very often. The existing roles will normally be enough but there can be some
807	cases when they need to be complemented, either with a new role or with different
808	permissions.
809	</para>
810	<sect3 id="user_administration.roles.edit.properties">
811	<title>Properties</title>
812	<helptext external_id="role.edit" title="Edit role">
813
814	<variablelist>
815	<varlistentry>
816	<term>
817	<guilabel>Name</guilabel>
818	</term>
819	<listitem>
820	<para>The name of the role.</para>
821	</listitem>
822	</varlistentry>
823	<varlistentry>
824	<term>
825	<guilabel>Share to Everyone</guilabel>
826	</term>
827	<listitem>
828	<para>
829	Allows the user to share items to the
830	system-group 'Everyone'.
831	</para>
832	</listitem>
833	</varlistentry>
834
835	<varlistentry>
836	<term><guilabel>Act as another user</guilabel></term>
837	<listitem>
838	<para>
839	Allows the user to login as another user without
840	knowing the password. This is used by job agents
841	to make it possible for them to execute a plug-in
842	as the user that created the job. This permission
843	will also make it possible to switch user in the web
844	interface. It can be useful for an administrator who
845	needs to check out a problem, but use this permission
846	with care.
847	</para>
848	</listitem>
849	</varlistentry>
850
851	<varlistentry>
852	<term>
853	<guilabel>Select job agent for jobs</guilabel>
854	</term>
855	<listitem>
856	<para>
857	Allows the user to select a specific job agent when running jobs.
858	Users without this permission will always have a randomly selected
859	job agent.
860	</para>
861	</listitem>
862	</varlistentry>
863
864	<varlistentry>
865	<term>
866	<guilabel>Default</guilabel>
867	</term>
868	<listitem>
869	<para>
870	Mark this checkbox to let BASE automatically add new users
871	as members to the role.
872	</para>
873	</listitem>
874	</varlistentry>
875	<varlistentry>
876	<term>
877	<guilabel>Description</guilabel>
878	</term>
879	<listitem>
880	<para>Description and information about the role.</para>
881	</listitem>
882	</varlistentry>
883	</variablelist>
884	<para>
885	Set the properties and proceed then to either one of the other tabs or by
886	clicking on one of the buttons:
887	&gbSave;
888	to save the changes or
889	&gbCancel;
890	to abort.
891	</para>
892	<seeother>
893	<other external_id="role.edit.permissions">Role permissions</other>
894	<other external_id="role.edit.members">Role members</other>
895	</seeother>
896	</helptext>
897	</sect3>
898
899	<sect3 id="user_administration.roles.edit.permissions">
900	<title>Permissions</title>
901	<helptext external_id="role.edit.permissions" title="Edit role permissions">
902	<para>
903	A role's permissions are defined for each item type within BASE 2. Set the
904	role's permission on an item type by first selecting the item(s) in the list
905	and then tick those permissions that should be applied. Not all permissions
906	can be applied to every item type, that's why permission check-boxes becomes
907	disabled when selecting some of the item types
908	</para>
909	<para>
910	After each item type in the list is a string inside square brackets that
911	shows what kind of permissions the current role has on that particular item
912	type. The permissions that do not have been set are represented with '-'
913	inside the square brackets and those which have been set are represented
914	with characters that are listed below.
915	</para>
916	<itemizedlist>
917	<listitem>
918	<simpara>
919	<guilabel>DENIED</guilabel>
920	= Deny access to the selected item type. This exclude all the other
921	permissions by unchecking the other check boxes.
922	</simpara>
923	</listitem>
924	<listitem>
925	<simpara>
926	<guilabel>C</guilabel>
927	= Create
928	</simpara>
929	</listitem>
930	<listitem>
931	<simpara>
932	<guilabel>R</guilabel>
933	= Read
934	</simpara>
935	</listitem>
936	<listitem>
937	<simpara>
938	<guilabel>U</guilabel>
939	= Use
940	</simpara>
941	</listitem>
942	<listitem>
943	<simpara>
944	<guilabel>W</guilabel>
945	= Write
946	</simpara>
947	</listitem>
948	<listitem>
949	<simpara>
950	<guilabel>D</guilabel>
951	= Delete
952	</simpara>
953	</listitem>
954	<listitem>
955	<simpara>
956	<guilabel>O</guilabel>
957	= Take ownership
958	</simpara>
959	</listitem>
960	<listitem>
961	<simpara>
962	<guilabel>P</guilabel>
963	= Set permission
964	</simpara>
965	</listitem>
966	</itemizedlist>
967	<para>
968	Set the role's permission on each one of the item types and proceed then to
969	one of the other tabs or click on
970	&gbSave;
971	to save the changes or
972	&gbCancel;
973	to abort.
974	</para>
975	<seeother>
976	<other external_id="role.edit">Edit properties</other>
977	<other external_id="role.edit.members">Role members</other>
978	</seeother>
979	</helptext>
980	</sect3>
981
982	<sect3 id="user_administration.roles.edit.members">
983	<title>Members</title>
984	<helptext external_id="role.edit.members" title="Role members">
985
986	<variablelist>
987	<varlistentry>
988	<term><guilabel>Members</guilabel></term>
989	<listitem>
990	<para>
991	Users that are members of a role are listed in the list-box located on this
992	tab.
993	</para>
994	</listitem>
995	</varlistentry>
996	<varlistentry>
997	<term><guibutton>Add users</guibutton></term>
998	<listitem>
999	<para>
1000	Select the users that should be added from the list in the
1001	pop-up window. Click on the
1002	&gbOk;
1003	button to close the pop-up window and add the selected users.
1004	</para>
1005	</listitem>
1006	</varlistentry>
1007	<varlistentry>
1008	<term>Remove</term>
1009	<listitem>
1010	<para>
1011	Removes the selected users from the role.
1012	</para>
1013	</listitem>
1014	</varlistentry>
1015	</variablelist>
1016	<para>
1017	Press
1018	&gbSave;
1019	to save the role or go to one of the other tabs if there are more that needs
1020	to be set. Use
1021	&gbClose;
1022	to abort and close the window without saving the changes.
1023	</para>
1024	<seeother>
1025	<other external_id="role.edit">Edit properties</other>
1026	<other external_id="role.edit.permissions">Role permissions</other>
1027	</seeother>
1028	</helptext>
1029	</sect3>
1030	</sect2>
1031	</sect1>
1032
1033	<sect1 id="user_administration.quota">
1034	<title>Disk space/quota</title>
1035	<para>
1036	The administrator can control the maximum size of disk space for users and groups.
1037	A user must be assigned a quota of their own and may optionally have a group
1038	quota as well. If so, the most restrictive quota is checked whenever the user
1039	tries to do something that counts as disk-consuming, for example uploading a file.
1040	</para>
1041
1042	<note>
1043	<para>
1044	The quota is checked before an operation, which is allowed to continue if there
1045	is space left. For example, even if you have only one byte left of disk space
1046	you are allowed to upload a 10MB file.
1047	</para>
1048	</note>
1049
1050	<para>
1051	Read
1052	<xref linkend="user_administration.users.edit" />
1053	and <xref linkend="user_administration.groups.edit" />
1054	for information about how to set a quota for a user and
1055	group.
1056	</para>
1057	<para>
1058	The list of quotas in BASE can be found by using the menu
1059	<menuchoice>
1060	<guimenu>Administrate</guimenu>
1061	<guimenuitem>Quota</guimenuitem>
1062	</menuchoice>.
1063	</para>
1064
1065	<sect2 id="user_administration.quota.edit">
1066	<title>Edit quota</title>
1067	<para>
1068	The edit window has two tabs, one with information about the quota and one where the
1069	limits are defined.
1070	</para>
1071	<sect3 id="user_administration.quota.edit.properties">
1072	<title>Properties</title>
1073	<helptext external_id="quota.edit" title="Edit properties">
1074	<variablelist>
1075	<varlistentry>
1076	<term>
1077	<guilabel>Name</guilabel>
1078	</term>
1079	<listitem>
1080	<para>Name of the quota.</para>
1081	</listitem>
1082	</varlistentry>
1083	<varlistentry>
1084	<term>
1085	<optional>
1086	<guilabel>Description</guilabel>
1087	</optional>
1088	</term>
1089	<listitem>
1090	<para>
1091	Description of the quota. It could be a good idea to
1092	describe the quota's details here. Use the magnifying glass to
1093	edit the text in a larger text area.
1094	</para>
1095	</listitem>
1096	</varlistentry>
1097	</variablelist>
1098	<para>
1099	Go to the other tab if there are values that have not been set. Otherwise use
1100	&gbSave;
1101	to save the settings or
1102	&gbCancel;
1103	to abort.
1104	</para>
1105	</helptext>
1106	</sect3>
1107
1108	<sect3 id="user_administration.quota.edit.values">
1109	<title>Values</title>
1110	<helptext external_id="quota.edit.values" title="Edit quota values">
1111	<para>
1112	The quota values are defined here, both for the primary location and the
1113	secondary location. Use the check box to the right of the input fields to
1114	set unlimited quota. You can use the abbreviations
1115	<abbrev>kb</abbrev>, <abbrev>Mb</abbrev> and <abbrev>Gb</abbrev>
1116	to specify the quota values.
1117	</para>
1118	<variablelist>
1119	<varlistentry>
1120	<term>
1121	<guilabel>Total</guilabel>
1122	</term>
1123	<listitem>
1124	<para>
1125	Limit of total quota. The sum of the other three quotas does not
1126	have to be the same as this, it is always the most restricted
1127	value that is used.
1128	</para>
1129	</listitem>
1130	</varlistentry>
1131	<varlistentry>
1132	<term>
1133	<optional>
1134	<guilabel>Files</guilabel>
1135	</optional>
1136	</term>
1137	<listitem>
1138	<para>Limit of disk space to save files in.</para>
1139	</listitem>
1140	</varlistentry>
1141	<varlistentry>
1142	<term>
1143	<optional>
1144	<guilabel>Raw data</guilabel>
1145	</optional>
1146	</term>
1147	<listitem>
1148	<para>Limit of disk space to save raw data in.</para>
1149	</listitem>
1150	</varlistentry>
1151	<varlistentry>
1152	<term>
1153	<optional>
1154	<guilabel>Experiments</guilabel>
1155	</optional>
1156	</term>
1157	<listitem>
1158	<para>
1159	Limit of disk space that can be used by experiments.
1160	</para>
1161	</listitem>
1162	</varlistentry>
1163	</variablelist>
1164	<para>
1165	When everything have been set the quota is saved by using
1166	&gbSave;. To discard changes use
1167	&gbCancel;.
1168	</para>
1169	</helptext>
1170	</sect3>
1171	</sect2>
1172
1173	<sect2 id="user_administration.quota.diskusage">
1174	<title>Disk usage</title>
1175
1176	<para>
1177	Go to
1178	<menuchoice>
1179	<guimenu>Administrate</guimenu>
1180	<guimenuitem>Disk usage</guimenuitem>
1181	</menuchoice>
1182	if you want to get statistics about how the disk
1183	is used. There are three tabs:
1184	</para>
1185
1186	<variablelist>
1187	<varlistentry>
1188	<term><guilabel>Overview</guilabel></term>
1189	<listitem>
1190	<para>
1191	Gives an overview of the total disk usage.
1192	It is divided per location and quota type.
1193	</para>
1194	</listitem>
1195	</varlistentry>
1196
1197	<varlistentry>
1198	<term><guilabel>Per user</guilabel></term>
1199	<listitem>
1200	<para>
1201	Gives an overview of the disk usage
1202	per user. For each user you can get a summary
1203	displaying the total disk usage and
1204	divided per location and quota type.
1205	Use the <guilabel>View details</guilabel>
1206	link to list all items that uses up disk space.
1207	The list displays the name and type of each item
1208	and the amount of disk space it uses.
1209	</para>
1210	</listitem>
1211	</varlistentry>
1212
1213	<varlistentry>
1214	<term><guilabel>Per group</guilabel></term>
1215	<listitem>
1216	<para>
1217	Gives an overview of the disk usage
1218	per group, with the same functionality
1219	as the per user overview.
1220	</para>
1221	</listitem>
1222	</varlistentry>
1223	</variablelist>
1224
1225	</sect2>
1226
1227	</sect1>
1228	</chapter>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: