Context Navigation

user_administration.xml @ 5683

Visit:

Last change on this file since 5683 was 5683, checked in by Nicklas Nordborg, 12 years ago

References #1590: Documentation cleanup

Account administration.

Property svn:eol-style set to native
Property svn:keywords set to Id

File size: 37.3 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<!DOCTYPE chapter PUBLIC
3	"-//Dawid Weiss//DTD DocBook V3.1-Based Extension for XML and graphics inclusion//EN"
4	"../../../../lib/docbook/preprocess/dweiss-docbook-extensions.dtd">
5	<!--
6	$Id: user_administration.xml 5683 2011-08-02 08:32:20Z nicklas $
7
8	Copyright (C) 2007 Peter Johansson, Nicklas Nordborg, Martin Svensson
9
10	This file is part of BASE - BioArray Software Environment.
11	Available at http://base.thep.lu.se/
12
13	BASE is free software; you can redistribute it and/or
14	modify it under the terms of the GNU General Public License
15	as published by the Free Software Foundation; either version 3
16	of the License, or (at your option) any later version.
17
18	BASE is distributed in the hope that it will be useful,
19	but WITHOUT ANY WARRANTY; without even the implied warranty of
20	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21	GNU General Public License for more details.
22
23	You should have received a copy of the GNU General Public License
24	along with BASE. If not, see <http://www.gnu.org/licenses/>.
25	-->
26
27	<chapter id="user_administration">
28	<?dbhtml dir="user_administration"?>
29	<title>Account administration</title>
30
31	<important>
32	<title>Read <link linkend="project_permission"><xref linkend="project_permission" /></link></title>
33	<para>
34	This chapter contains important information about the
35	permission system BASE uses. It is essential that an
36	administrator knows how this works to be able to set up
37	user, groups and roles smoothly.
38	</para>
39	</important>
40
41	<sect1 id="user_administration.users">
42	<title>Users administration</title>
43	<para>
44	The user list is accessed with
45	<menuchoice>
46	<guimenu>Administrate</guimenu>
47	<guimenuitem>Users</guimenuitem>
48	</menuchoice>
49	and from here are the users' account and contact information managed.
50	</para>
51
52	<sect2 id="user_administration.users.edit">
53	<title>Edit user</title>
54	<para>
55	The pop-up window where information and settings for a user can be edited has three
56	tabs, one for the account related, one with information about the user and one that
57	shows the user's memberships.
58	</para>
59	<sect3 id="user_administration.users.edit.properties">
60	<title>Properties</title>
61	<helptext external_id="user.edit" title="Edit user account">
62	<para>These are the properties for a user account.</para>
63	<variablelist>
64	<varlistentry>
65	<term>
66	<guilabel>Name</guilabel>
67	</term>
68	<listitem>
69	<para>
70	The full name of the user that is associated with the account.
71	</para>
72	</listitem>
73	</varlistentry>
74	<varlistentry>
75	<term>
76	<guilabel>Login</guilabel>
77	</term>
78	<listitem>
79	<para>
80	A login name to use when logging in to the account. The login
81	must be unique among all users.
82	</para>
83	</listitem>
84	</varlistentry>
85	<varlistentry>
86	<term>
87	<optional>
88	<guilabel>External ID</guilabel>
89	</optional>
90	</term>
91	<listitem>
92	<para>
93	An id that is used to identify the user outside BASE (optional).
94	If a value is given it must be unique among all users.
95	</para>
96	</listitem>
97	</varlistentry>
98	<varlistentry>
99	<term>
100	<guilabel>New password</guilabel>
101	</term>
102	<listitem>
103	<para>
104	This is used together with the login name to log in to the
105	account. This is a required field for a new user or if the
106	password should be changed. If the field is left empty the
107	password will be unchanged
108	</para>
109	</listitem>
110	</varlistentry>
111	<varlistentry>
112	<term>
113	<guilabel>Retype password</guilabel>
114	</term>
115	<listitem>
116	<para>
117	Retype the password that is written in
118	<guilabel>New password</guilabel>.
119	</para>
120	</listitem>
121	</varlistentry>
122	<varlistentry>
123	<term>
124	<optional>
125	<guilabel>Quota</guilabel>
126	</optional>
127	</term>
128	<listitem>
129	<para>Set disk quota for the account.</para>
130	</listitem>
131	</varlistentry>
132	<varlistentry>
133	<term>
134	<optional>
135	<guilabel>Quota group</guilabel>
136	</optional>
137	</term>
138	<listitem>
139	<para>
140	Set this if the account should belong to a group with specified
141	quota (optional). With this set the user's possibilities to save items to
142	disk will also depend on how much the rest of the group has
143	saved.
144	</para>
145	</listitem>
146	</varlistentry>
147	<varlistentry>
148	<term>
149	<optional>
150	<guilabel>Home directory</guilabel>
151	</optional>
152	</term>
153	<listitem>
154	<para>
155	Set the account's home directory (optional). A new directory, either empty
156	or from a template, can be created if editing a new user. Select
157	<guilabel>- none -</guilabel>
158	if there should not be any home directory associated with the
159	account.
160	</para>
161	</listitem>
162	</varlistentry>
163	<varlistentry>
164	<term>
165	<optional>
166	<guilabel>Expiration date</guilabel>
167	</optional>
168	</term>
169	<listitem>
170	<para>
171	Define a date in this field if the account should expire on a
172	certain day (optional). The account will be disabled after this date.
173	Leave this empty if the account never should expire.
174	<tip>
175	<para>
176	Use the
177	<guibutton>Calendar…</guibutton>
178	button to pick a date from a calendar in a pop-up window.
179	</para>
180	</tip>
181	</para>
182	</listitem>
183	</varlistentry>
184	<varlistentry>
185	<term>
186	<guilabel>Multi-user account</guilabel>
187	</term>
188	<listitem>
189	<para>
190	This checkbox should be checked if the account should be used by
191	more one user. This will prevent the users from changing the
192	password, contact information and other settings. It will
193	also reset all list filters, column configurations, etc.
194	when the user logs out. Normally, these settings are remembered
195	between log ins.
196	</para>
197	</listitem>
198	</varlistentry>
199	<varlistentry>
200	<term>
201	<guilabel>Disabled</guilabel>
202	</term>
203	<listitem>
204	<para>
205	Disable the account.
206	</para>
207	</listitem>
208	</varlistentry>
209	</variablelist>
210	<para>
211	Go to the other tabs if there are any changes to do otherwise press
212	&gbSave;
213	to save the values or
214	&gbCancel;
215	to abort.
216	</para>
217	<seeother>
218	<other external_id="user.edit.contact">Edit contact information</other>
219	<other external_id="user.additional">Edit additional info</other>
220	<other external_id="user.edit.membership">Group and role membership</other>
221	</seeother>
222	</helptext>
223	</sect3>
224
225	<sect3 id="user._administration.users.edit.contact">
226	<title>Contact information</title>
227	<helptext external_id="user.edit.contact" title="Edit user's contact information">
228	<para>
229	Information about how to get in contact with the user that is associated
230	with the account. All fields on this tab are optional and do not necessarily
231	need to have a value but some can be good to set, like email or phone
232	number.
233	</para>
234	<variablelist>
235	<varlistentry>
236	<term>
237	<optional>
238	<guilabel>Email</guilabel>
239	</optional>
240	</term>
241	<listitem>
242	<para>
243	User's email address. There is some verification of the value
244	but there is no check if the email really exists.
245	</para>
246	</listitem>
247	</varlistentry>
248	<varlistentry>
249	<term>
250	<optional>
251	<guilabel>Organization</guilabel>
252	</optional>
253	</term>
254	<listitem>
255	<para>The company or organization that the user works for.</para>
256	</listitem>
257	</varlistentry>
258	<varlistentry>
259	<term>
260	<optional>
261	<guilabel>Address</guilabel>
262	</optional>
263	</term>
264	<listitem>
265	<para>
266	User's mail address. Use the magnifying glass down to the right,
267	to edit this property in a larger window.
268	</para>
269	</listitem>
270	</varlistentry>
271	<varlistentry>
272	<term>
273	<optional>
274	<guilabel>Phone</guilabel>
275	</optional>
276	</term>
277	<listitem>
278	<para>
279	User's phone number(s)
280	<note>
281	<para>
282	There is no special field for mobile phone, but it works
283	fine to put more then one number in this field.
284	</para>
285	</note>
286	</para>
287	</listitem>
288	</varlistentry>
289	<varlistentry>
290	<term>
291	<optional>
292	<guilabel>Fax</guilabel>
293	</optional>
294	</term>
295	<listitem>
296	<para>User's fax number.</para>
297	</listitem>
298	</varlistentry>
299	<varlistentry>
300	<term>
301	<optional>
302	<guilabel>Url</guilabel>
303	</optional>
304	</term>
305	<listitem>
306	<para>A URL that is associated with the user.</para>
307	</listitem>
308	</varlistentry>
309	<varlistentry>
310	<term>
311	<optional>
312	<guilabel>Description</guilabel>
313	</optional>
314	</term>
315	<listitem>
316	<para>
317	Other useful contact information or description about the user
318	can be written in this field. Use the magnifying glass to edit
319	the information in a pop-up window with a larger text-area.
320	</para>
321	</listitem>
322	</varlistentry>
323	</variablelist>
324	<para>
325	Go to the other tabs if there are any changes to do otherwise press
326	&gbSave;
327	to save the values or
328	&gbCancel;
329	to abort.
330	</para>
331	<seeother>
332	<other external_id="user.edit">Edit account</other>
333	<other external_id="user.additional">Edit additional info</other>
334	<other external_id="user.edit.membership">Group and role membership</other>
335	</seeother>
336	</helptext>
337	</sect3>
338
339	<sect3 id="user_administration.users.edit.additional">
340	<title>Additional information</title>
341	<helptext external_id="user.edit.additional" title="Additional information">
342	<para>
343	This tab contains fields that hold various information about the user. There are
344	by default two fields in BASE but this could easily be changed by the
345	server administrator. How this configuration is done can be read in
346	<xref linkend="appendix.extendedproperties" />
347	<note>
348	<para>
349	The
350	<guilabel>Additional info</guilabel>
351	tab is only visible if there is one or more property defined for
352	<classname docapi="net.sf.basedb.core.data">UserData</classname>
353	in the configuration file for extended properties.
354	</para>
355	</note>
356
357	These are the fields that are installed with BASE
358	<variablelist>
359	<varlistentry>
360	<term>
361	<guilabel>Mobile</guilabel>
362	</term>
363	<listitem>
364	<para>
365	The user's mobile number could be put in this field. This
366	field could be left empty.
367	</para>
368	</listitem>
369	</varlistentry>
370	<varlistentry>
371	<term>
372	<guilabel>Skype</guilabel>
373	</term>
374	<listitem>
375	<para>
376	Skype contact information, if the user has a registered
377	Skype account. This field could be left empty.
378	</para>
379	</listitem>
380	</varlistentry>
381	</variablelist>
382	</para>
383	<para>
384	Go to the other tabs if there are any changes to do otherwise press
385	&gbSave;
386	to save the values or
387	&gbCancel;
388	to abort.
389	</para>
390	<seeother>
391	<other external_id="user.edit">Edit account</other>
392	<other external_id="user.contact">Edit contact</other>
393	<other external_id="user.edit.membership">Group and role membership</other>
394	</seeother>
395	</helptext>
396	</sect3>
397
398	<sect3 id="user_administration.users.edit.membership">
399	<title>Group and role membership</title>
400	<helptext external_id="user.edit.membership" title="Group and role membership">
401	<para>
402	On this tab, the group and role membership of a user can be
403	specified. The membership can also be changed by editing the
404	group and/or role.
405
406	<note>
407	<para>
408	When adding a new user, the user is automatically added
409	as a member to all groups and roles that has been marked
410	as <emphasis>default</emphasis>. In the standard BASE distribution
411	the <emphasis>User</emphasis> role is marked as a default role.
412	</para>
413	</note>
414	</para>
415
416	<variablelist>
417	<varlistentry>
418	<term><guilabel>Member in</guilabel></term>
419	<listitem>
420	<para>
421	Lists the groups and roles the user already is a member of.
422	</para>
423	</listitem>
424	</varlistentry>
425
426	<varlistentry>
427	<term><guilabel>Add groups…</guilabel></term>
428	<listitem>
429	<para>
430	Opens a pop-up window that allows you to select
431	groups. In the pop-up window, mark
432	one or more groups and click on the &gbOk;
433	button. The pop-up window will not list groups that
434	the user already is a member of.
435	</para>
436	</listitem>
437	</varlistentry>
438
439	<varlistentry>
440	<term><guilabel>Add roles…</guilabel></term>
441	<listitem>
442	<para>
443	Opens a pop-up window that allows you to select
444	roles. In the pop-up window, mark
445	one or more roles and click on the &gbOk;
446	button. The pop-up window will not list roles that
447	the user already is a member of.
448	</para>
449	</listitem>
450	</varlistentry>
451
452	<varlistentry>
453	<term><guilabel>Remove</guilabel></term>
454	<listitem>
455	<para>
456	Use this button to remove the user from the selected
457	groups and/or roles. The selected items will then disappear
458	from the list of memberships.
459	</para>
460	</listitem>
461	</varlistentry>
462	</variablelist>
463
464	<para>
465	Go to the other tabs if there are any changes to do otherwise press
466	&gbSave;
467	to save the values or
468	&gbCancel;
469	to abort.
470	</para>
471	<seeother>
472	<other external_id="user.edit">Edit user</other>
473	<other external_id="user.edit.contact">Edit contact information</other>
474	<other external_id="user.additional">Edit additional info</other>
475	<other external_id="user.edit.default_membership">Default group and role membership</other>
476	</seeother>
477	</helptext>
478	</sect3>
479	</sect2>
480
481	<sect2 id="user_administration.users.default_membership">
482	<title>Default group and role membership</title>
483
484	<helptext external_id="user.edit.default_membership"
485	title="Default group and role membership">
486	<para>
487	It is possible to automatically let BASE add new users
488	as a member of a pre-defined list of groups and/or roles. This is done
489	by marking those groups and roles as <emphasis>default</emphasis>
490	groups and roles. There are two ways to do this.
491	</para>
492
493	<orderedlist>
494	<listitem>
495	<para>
496	Change the flag in the edit-dialog for each of the groups/roles
497	that you want to assign as default.
498	</para>
499	</listitem>
500
501	<listitem>
502	<para>
503	Use the <guibutton>Default membership</guibutton> button on the
504	<menuchoice>
505	<guimenu>Administrate</guimenu>
506	<guimenuitem>Users</guimenuitem>
507	</menuchoice>
508	page and select groups and roles in a pop-up dialog.
509	The dialog lists all groups and roles that are currently
510	assigned as default. Use the <guibutton>Add groups</guibutton>
511	and <guibutton>Add roles</guibutton> buttons to select more
512	groups and roles. Use the <guibutton>Remove</guibutton> button
513	to remove the selected groups/roles.
514	</para>
515	</listitem>
516	</orderedlist>
517
518	<note>
519	<para>
520	Changing which groups and roles that are the default does not affect
521	existing user accounts. They are only used to assign membership to
522	new users.
523	</para>
524	</note>
525	<seeother>
526	<other external_id="user.edit.membership">Edit user group and role membership</other>
527	</seeother>
528	</helptext>
529	</sect2>
530	</sect1>
531
532	<sect1 id="user_administration.groups">
533	<title>Groups administration</title>
534	<para>
535	Groups in BASE are meant to represent the organizational structure of
536	a company or institution. For example, there can be one group for each
537	department and subgroups for the teams in the departments.
538	The group-membership is normally set when the user is added to BASE and
539	should not have to be changed later, except when the company is re-organizing.
540	</para>
541	<para>
542	There is one pre-installed group in BASE, a system group, called Everyone. It is, like
543	the name says, a group in which everyone (all users) are members. The users that are
544	allowed to share to everyone can easily share items to all users by sharing the item to
545	this group.
546	</para>
547
548	<sect2 id="user_administration.groups.edit">
549	<title>Edit group</title>
550	<para>
551	The pop-up window where a group can be edited has two tabs,
552	<guilabel>Group</guilabel>
553	and
554	<guilabel>Members</guilabel>.
555	</para>
556	<sect3 id="user_administration.groups.edit.properties">
557	<title>Properties</title>
558	<helptext external_id="group.edit" title="Edit group">
559	<variablelist>
560	<varlistentry>
561	<term>
562	<guilabel>Name</guilabel>
563	</term>
564	<listitem>
565	<para>The name of the group.</para>
566	</listitem>
567	</varlistentry>
568	<varlistentry>
569	<term>
570	<guilabel>Default</guilabel>
571	</term>
572	<listitem>
573	<para>
574	Mark this checkbox to let BASE automatically add new users
575	as members to this group.
576	</para>
577	</listitem>
578	</varlistentry>
579	<varlistentry>
580	<term>
581	<guilabel>Hidden members</guilabel>
582	</term>
583	<listitem>
584	<para>
585	Mark this checkbox to create a group with hidden members.
586	This means that a user will not be able to see information about
587	other members in the group, but it is still possible to share items
588	to the group as a whole.
589	</para>
590	</listitem>
591	</varlistentry>
592	<varlistentry>
593	<term>
594	<optional>
595	<guilabel>Description</guilabel>
596	</optional>
597	</term>
598	<listitem>
599	<para>
600	Description about the group. The magnifying glass, down to the
601	right, can be used to open and edit the text in a larger text
602	area.
603	</para>
604	</listitem>
605	</varlistentry>
606	<varlistentry>
607	<term>
608	<optional>
609	<guilabel>Quota</guilabel>
610	</optional>
611	</term>
612	<listitem>
613	<para>
614	With this property it's possible to limit the quota of total
615	disk space for the group members. Select
616	<guilabel>-none-</guilabel>
617	from the drop-down list if the group should not have any quota.
618	There are some presets of quotas that comes with the BASE
619	installation, besides a couple with different size of total disk
620	space there are one called
621	<guilabel>No quota</guilabel>
622	and one with
623	<guilabel>Unlimited quota</guilabel>.
624	Their names speak for them self.
625	</para>
626
627	<note>
628	<para>
629	A user can only take quota from one group, which has
630	to be specified as the <guilabel>Quota group</guilabel>
631	of the user.
632	</para>
633	</note>
634
635	</listitem>
636	</varlistentry>
637	</variablelist>
638	<para>
639	Go to the other tab,
640	<guilabel>Members</guilabel>,
641	if there are any changes to do otherwise use
642	&gbSave;
643	to save the settings or
644	&gbCancel;
645	to abort.
646	</para>
647	<seeother>
648	<other external_id="group.edit.membership">Edit group members</other>
649	<other external_id="user.edit">Edit user</other>
650	</seeother>
651	</helptext>
652	</sect3>
653
654	<sect3 id="user_administration.groups.edit.members">
655	<title>Group members</title>
656	<helptext external_id="group.edit.membership" title="Edit group members">
657	<para>
658	A group can have both single users and other groups as members. Group
659	members have access to those items that are shared to the group. Each user
660	in the group has the possibility to share their own items to one or more of
661	the other members or to the whole group.
662	</para>
663
664	<variablelist>
665	<varlistentry>
666	<term><guilabel>Members</guilabel></term>
667	<listitem>
668	<para>
669	Lists the user and groups that are already
670	members of this group.
671	</para>
672	</listitem>
673	</varlistentry>
674
675	<varlistentry>
676	<term><guilabel>Add users…</guilabel></term>
677	<listitem>
678	<para>
679	Opens a pop-up window that allows you to add
680	users to the group. In the pop-up window, mark
681	one or more users and click on the &gbOk;
682	button. The pop-up window will not list users that
683	are already members of the group.
684	</para>
685	</listitem>
686	</varlistentry>
687
688	<varlistentry>
689	<term><guilabel>Add groups…</guilabel></term>
690	<listitem>
691	<para>
692	Opens a pop-up window that allows you to add
693	other groups to the group. In the pop-up window, mark
694	one or more groups and click on the &gbOk;
695	button. The pop-up window will not list groups that
696	are already members of the group.
697	</para>
698	</listitem>
699	</varlistentry>
700
701	<varlistentry>
702	<term><guilabel>Remove</guilabel></term>
703	<listitem>
704	<para>
705	Use this button to remove the selected
706	users and/or groups from this group. The selected items will
707	disappear from the list of memberships.
708	</para>
709	</listitem>
710	</varlistentry>
711
712	</variablelist>
713
714	<para>
715	Go to the other tab if there are any changes to do, otherwise use
716	&gbSave;
717	to save the values or
718	&gbCancel;
719	to abort.
720	</para>
721	<seeother>
722	<other external_id="group.edit">Edit group properties</other>
723	</seeother>
724	</helptext>
725	</sect3>
726	</sect2>
727	</sect1>
728
729	<sect1 id="user_administration.roles">
730	<title>Roles administration</title>
731	<para>
732	Roles are meant to represent different kinds of working positions that users can have,
733	like server administrator or regular user just to mention two.
734	Users are normally assigned a role, perhaps more than one, when they are created and
735	registered in BASE.
736	</para>
737
738
739	<sect2 id="user_administration.roles.defaultroles">
740	<title>Pre-defined system roles</title>
741	<para>
742	BASE comes with some pre-defined roles. These are configured to cover the
743	normal user roles that can appear. A more detailed description of the different
744	roles and when to use them follows here.
745	</para>
746	<variablelist>
747	<varlistentry>
748	<term>Administrator</term>
749	<listitem>
750	<para>
751	This role gives the user full permission to do everything in BASE and
752	also possibility to share items with the system-group 'Everyone'. Users
753	that are supposed to administrate the server, user accounts, groups etc.
754	should have this role.
755	</para>
756	</listitem>
757	</varlistentry>
758	<varlistentry>
759	<term>Supervisor</term>
760	<listitem>
761	<para>
762	Users that are members of this role has permission to read everything in
763	BASE. This role does not let the members to actually do anything in BASE
764	except read and supervise.
765	</para>
766	</listitem>
767	</varlistentry>
768	<varlistentry>
769	<term>Power user</term>
770	<listitem>
771	<para>
772	This role allows it's members to do some things that an ordinary user
773	not is allowed to. Most things are related to global resources
774	like reporters, the array lims and plug-ins.
775	This role can be proper for those users that are in
776	some kind of leading position over work groups or projects.
777	</para>
778	</listitem>
779	</varlistentry>
780	<varlistentry>
781	<term>User</term>
782	<listitem>
783	<para>
784	A role that is suitable for all ordinary users. This allows the members
785	to do common things in BASE such as creating biomaterials and
786	experiments, uploading raw data and analyse it.
787	</para>
788	</listitem>
789	</varlistentry>
790	<varlistentry>
791	<term>Guest</term>
792	<listitem>
793	<para>
794	This is a role with limited access to create new things. It is useful
795	for those who wants to have peek at the program. It can also be
796	used for someone that is helping out with the analysis of an experiment.
797	</para>
798	</listitem>
799	</varlistentry>
800	<varlistentry>
801	<term>Job agent</term>
802	<listitem>
803	<para>
804	This role is given to the job agents and allows them to read and execute
805	jobs. Job agents always runs the jobs as the user who created the job
806	and therefore it have to be able to act as another user.
807	</para>
808	</listitem>
809	</varlistentry>
810	</variablelist>
811	</sect2>
812
813	<sect2 id="user_administration.roles.edit">
814	<title>Edit role</title>
815	<para>
816	Creating a new role or editing the system-roles are something that do not needs to be
817	done very often. The existing roles will normally be enough but there can be some
818	cases when they need to be complemented, either with a new role or with different
819	permissions.
820	</para>
821	<sect3 id="user_administration.roles.edit.properties">
822	<title>Properties</title>
823	<helptext external_id="role.edit" title="Edit role">
824
825	<variablelist>
826	<varlistentry>
827	<term>
828	<guilabel>Name</guilabel>
829	</term>
830	<listitem>
831	<para>The name of the role.</para>
832	</listitem>
833	</varlistentry>
834	<varlistentry>
835	<term>
836	<guilabel>Share to Everyone</guilabel>
837	</term>
838	<listitem>
839	<para>
840	Allows the user to share items to the
841	system-group 'Everyone'.
842	</para>
843	</listitem>
844	</varlistentry>
845
846	<varlistentry>
847	<term><guilabel>Act as another user</guilabel></term>
848	<listitem>
849	<para>
850	Allows the user to login as another user without
851	knowing the password. This is used by job agents
852	to make it possible for them to execute a plug-in
853	as the user that created the job. This permission
854	will also make it possible to switch user in the web
855	interface. It can be useful for an administrator who
856	needs to check out a problem, but use this permission
857	with care.
858	</para>
859	</listitem>
860	</varlistentry>
861
862	<varlistentry>
863	<term>
864	<guilabel>Select job agent for jobs</guilabel>
865	</term>
866	<listitem>
867	<para>
868	Allows the user to select a specific job agent when running jobs.
869	Users without this permission will always have a randomly selected
870	job agent.
871	</para>
872	</listitem>
873	</varlistentry>
874
875	<varlistentry>
876	<term>
877	<guilabel>Default</guilabel>
878	</term>
879	<listitem>
880	<para>
881	Mark this checkbox to let BASE automatically add new users
882	as members to the role.
883	</para>
884	</listitem>
885	</varlistentry>
886	<varlistentry>
887	<term>
888	<guilabel>Description</guilabel>
889	</term>
890	<listitem>
891	<para>Description and information about the role.</para>
892	</listitem>
893	</varlistentry>
894	</variablelist>
895	<para>
896	Set the properties and proceed then to either one of the other tabs or by
897	clicking on one of the buttons:
898	&gbSave;
899	to save the changes or
900	&gbCancel;
901	to abort.
902	</para>
903	<seeother>
904	<other external_id="role.edit.permissions">Role permissions</other>
905	<other external_id="role.edit.members">Role members</other>
906	</seeother>
907	</helptext>
908	</sect3>
909
910	<sect3 id="user_administration.roles.edit.permissions">
911	<title>Permissions</title>
912	<helptext external_id="role.edit.permissions" title="Edit role permissions">
913	<para>
914	A role's permissions are defined for each item type within BASE. Set the
915	role's permission on an item type by first selecting the item(s) in the list
916	and then tick those permissions that should be applied. Not all permissions
917	can be applied to every item type, that's why permission check-boxes becomes
918	disabled when selecting some of the item types
919	</para>
920	<para>
921	After each item type in the list is a string inside square brackets that
922	shows what kind of permissions the current role has on that particular item
923	type. The permissions that do not have been set are represented with '-'
924	inside the square brackets and those which have been set are represented
925	with characters that are listed below.
926	</para>
927	<itemizedlist>
928	<listitem>
929	<simpara>
930	<guilabel>DENIED</guilabel>
931	= Deny access to the selected item type. This exclude all the other
932	permissions by unchecking the other check boxes.
933	</simpara>
934	</listitem>
935	<listitem>
936	<simpara>
937	<guilabel>C</guilabel>
938	= Create
939	</simpara>
940	</listitem>
941	<listitem>
942	<simpara>
943	<guilabel>R</guilabel>
944	= Read
945	</simpara>
946	</listitem>
947	<listitem>
948	<simpara>
949	<guilabel>U</guilabel>
950	= Use
951	</simpara>
952	</listitem>
953	<listitem>
954	<simpara>
955	<guilabel>W</guilabel>
956	= Write
957	</simpara>
958	</listitem>
959	<listitem>
960	<simpara>
961	<guilabel>D</guilabel>
962	= Delete
963	</simpara>
964	</listitem>
965	<listitem>
966	<simpara>
967	<guilabel>O</guilabel>
968	= Set owner
969	</simpara>
970	</listitem>
971	<listitem>
972	<simpara>
973	<guilabel>P</guilabel>
974	= Set permission
975	</simpara>
976	</listitem>
977	</itemizedlist>
978	<para>
979	Set the role's permission on each one of the item types and proceed then to
980	one of the other tabs or click on
981	&gbSave;
982	to save the changes or
983	&gbCancel;
984	to abort.
985	</para>
986	<seeother>
987	<other external_id="role.edit">Edit properties</other>
988	<other external_id="role.edit.members">Role members</other>
989	</seeother>
990	</helptext>
991	</sect3>
992
993	<sect3 id="user_administration.roles.edit.members">
994	<title>Members</title>
995	<helptext external_id="role.edit.members" title="Role members">
996
997	<variablelist>
998	<varlistentry>
999	<term><guilabel>Members</guilabel></term>
1000	<listitem>
1001	<para>
1002	Users that are members of a role are listed in the list-box located on this
1003	tab.
1004	</para>
1005	</listitem>
1006	</varlistentry>
1007	<varlistentry>
1008	<term><guibutton>Add users</guibutton></term>
1009	<listitem>
1010	<para>
1011	Select the users that should be added from the list in the
1012	pop-up window. Click on the
1013	&gbOk;
1014	button to close the pop-up window and add the selected users.
1015	</para>
1016	</listitem>
1017	</varlistentry>
1018	<varlistentry>
1019	<term>Remove</term>
1020	<listitem>
1021	<para>
1022	Removes the selected users from the role.
1023	</para>
1024	</listitem>
1025	</varlistentry>
1026	</variablelist>
1027	<para>
1028	Press
1029	&gbSave;
1030	to save the role or go to one of the other tabs if there are more that needs
1031	to be set. Use
1032	&gbClose;
1033	to abort and close the window without saving the changes.
1034	</para>
1035	<seeother>
1036	<other external_id="role.edit">Edit properties</other>
1037	<other external_id="role.edit.permissions">Role permissions</other>
1038	</seeother>
1039	</helptext>
1040	</sect3>
1041	</sect2>
1042	</sect1>
1043
1044	<sect1 id="user_administration.quota">
1045	<title>Disk space/quota</title>
1046	<para>
1047	The administrator can control the maximum size of disk space for users and groups.
1048	A user must be assigned a quota of their own and may optionally have a group
1049	quota as well. If so, the most restrictive quota is checked whenever the user
1050	tries to do something that counts as disk-consuming, for example uploading a file.
1051	</para>
1052
1053	<note>
1054	<para>
1055	The quota is checked before an operation, which is allowed to continue if there
1056	is space left. For example, even if you have only one byte left of disk space
1057	you are allowed to upload a 10MB file.
1058	</para>
1059	</note>
1060
1061	<para>
1062	Read
1063	<xref linkend="user_administration.users.edit" />
1064	and <xref linkend="user_administration.groups.edit" />
1065	for information about how to set a quota for a user and
1066	group.
1067	</para>
1068	<para>
1069	The list of quotas in BASE can be found by using the menu
1070	<menuchoice>
1071	<guimenu>Administrate</guimenu>
1072	<guimenuitem>Quota</guimenuitem>
1073	</menuchoice>.
1074	</para>
1075
1076	<sect2 id="user_administration.quota.edit">
1077	<title>Edit quota</title>
1078	<para>
1079	The edit window has two tabs, one with information about the quota and one where the
1080	limits are defined.
1081	</para>
1082	<sect3 id="user_administration.quota.edit.properties">
1083	<title>Properties</title>
1084	<helptext external_id="quota.edit" title="Edit properties">
1085	<variablelist>
1086	<varlistentry>
1087	<term>
1088	<guilabel>Name</guilabel>
1089	</term>
1090	<listitem>
1091	<para>Name of the quota.</para>
1092	</listitem>
1093	</varlistentry>
1094	<varlistentry>
1095	<term>
1096	<optional>
1097	<guilabel>Description</guilabel>
1098	</optional>
1099	</term>
1100	<listitem>
1101	<para>
1102	Description of the quota. It could be a good idea to
1103	describe the quota's details here. Use the magnifying glass to
1104	edit the text in a larger text area.
1105	</para>
1106	</listitem>
1107	</varlistentry>
1108	</variablelist>
1109	<para>
1110	Go to the other tab if there are values that have not been set. Otherwise use
1111	&gbSave;
1112	to save the settings or
1113	&gbCancel;
1114	to abort.
1115	</para>
1116	</helptext>
1117	</sect3>
1118
1119	<sect3 id="user_administration.quota.edit.values">
1120	<title>Values</title>
1121	<helptext external_id="quota.edit.values" title="Edit quota values">
1122	<para>
1123	The quota values are defined here, both for the primary location and the
1124	secondary location. Use the check box to the right of the input fields to
1125	set unlimited quota. You can use the abbreviations
1126	<abbrev>kb</abbrev>, <abbrev>Mb</abbrev> and <abbrev>Gb</abbrev>
1127	to specify the quota values.
1128	</para>
1129	<variablelist>
1130	<varlistentry>
1131	<term>
1132	<guilabel>Total</guilabel>
1133	</term>
1134	<listitem>
1135	<para>
1136	Limit of total quota. The sum of the other three quotas does not
1137	have to be the same as this, it is always the most restricted
1138	value that is used.
1139	</para>
1140	</listitem>
1141	</varlistentry>
1142	<varlistentry>
1143	<term>
1144	<optional>
1145	<guilabel>Files</guilabel>
1146	</optional>
1147	</term>
1148	<listitem>
1149	<para>Limit of disk space to save files in.</para>
1150	</listitem>
1151	</varlistentry>
1152	<varlistentry>
1153	<term>
1154	<optional>
1155	<guilabel>Raw data</guilabel>
1156	</optional>
1157	</term>
1158	<listitem>
1159	<para>Limit of disk space to save raw data in.</para>
1160	</listitem>
1161	</varlistentry>
1162	<varlistentry>
1163	<term>
1164	<optional>
1165	<guilabel>Experiments</guilabel>
1166	</optional>
1167	</term>
1168	<listitem>
1169	<para>
1170	Limit of disk space that can be used by experiments.
1171	</para>
1172	</listitem>
1173	</varlistentry>
1174	</variablelist>
1175	<para>
1176	When everything have been set the quota is saved by using
1177	&gbSave;. To discard changes use
1178	&gbCancel;.
1179	</para>
1180	</helptext>
1181	</sect3>
1182	</sect2>
1183
1184	<sect2 id="user_administration.quota.diskusage">
1185	<title>Disk usage</title>
1186
1187	<para>
1188	Go to
1189	<menuchoice>
1190	<guimenu>Administrate</guimenu>
1191	<guimenuitem>Disk usage</guimenuitem>
1192	</menuchoice>
1193	if you want to get statistics about how the disk
1194	is used. There are three tabs:
1195	</para>
1196
1197	<variablelist>
1198	<varlistentry>
1199	<term><guilabel>Overview</guilabel></term>
1200	<listitem>
1201	<para>
1202	Gives an overview of the total disk usage.
1203	It is divided per location and quota type.
1204	</para>
1205	</listitem>
1206	</varlistentry>
1207
1208	<varlistentry>
1209	<term><guilabel>Per user</guilabel></term>
1210	<listitem>
1211	<para>
1212	Gives an overview of the disk usage
1213	per user. For each user you can get a summary
1214	displaying the total disk usage and
1215	divided per location and quota type.
1216	Use the <guilabel>View details</guilabel>
1217	link to list all items that uses up disk space.
1218	The list displays the name and type of each item
1219	and the amount of disk space it uses.
1220	</para>
1221	</listitem>
1222	</varlistentry>
1223
1224	<varlistentry>
1225	<term><guilabel>Per group</guilabel></term>
1226	<listitem>
1227	<para>
1228	Gives an overview of the disk usage
1229	per group, with the same functionality
1230	as the per user overview.
1231	</para>
1232	</listitem>
1233	</varlistentry>
1234	</variablelist>
1235
1236	</sect2>
1237
1238	</sect1>
1239	</chapter>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/doc/src/docbook/admindoc/user_administration.xml @ 5683

Download in other formats: