Changeset 3310 for trunk/doc/src/docbook/admindoc/user_administration.xml
- Timestamp:
- May 9, 2007, 9:18:29 AM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/doc/src/docbook/admindoc/user_administration.xml
r3300 r3310 30 30 <?dbhtml dir="user_administration"?> 31 31 <title>Account administration</title> 32 33 <sect1 id="user_administration.permissions"> 34 <title>Permission system</title> 35 <para> 36 Users get their general permissions from the role they belong to and more item specific 37 permissions from shared items in groups and projects that they are members in. An user 38 has always full permissions on it's own items. 39 </para> 40 <para> 41 As an administrator you only have to think of what kinds of tasks an user is going to work 42 with and give he/she the appropriate role for that. 43 </para> 44 <para> 45 More information about the permission system and working with projects can be found in 46 <xref linkend="project_permission" /> 47 </para> 48 </sect1> 32 49 33 50 <sect1 id="user_administration.users"> … … 124 141 <para> 125 142 Set this if the account should belong to a group with specified 126 quota.(Optional) 143 quota. With this set the user's possibilities to save items to 144 disk will also depends on how much the rest of the group has 145 saved.(Optional) 127 146 </para> 128 147 </listitem> … … 357 376 <sect1 id="user_administration.groups"> 358 377 <title>Groups administration</title> 359 <para></para> 378 <para> 379 Groups in BASE are ment to represent physical groups that are working with the program. 380 It can be departments in an organisation or some kind of lab teams, just to mention some 381 examples. An user's group-membership is set when the user is added to BASE and shouldn't 382 normaly have to be changed later. 383 </para> 384 <para> 385 There is one pre-installed group in BASE, a system group, called Everyone. It is, like 386 the name says, a group in which everyone(all users) are members. The users with a role 387 that allows sharing to everyone can easily share items to all users by using this group 388 to share to. 389 </para> 360 390 361 391 <sect2 id="user_administration.groups.edit"> … … 398 428 disk space for the group members. Select 399 429 <guilabel>-none-</guilabel> 400 from the dropdown list if the group shouldn't be a quota group.430 from the dropdown list if the group shouldn't have any quota. 401 431 There are some presets of quotas that comes with the BASE2 402 432 installation, besides a couple with different size of total disk … … 405 435 and one with 406 436 <guilabel>Unlimited quota</guilabel> 407 . The names speak for them self.437 . Their names speak for them self. 408 438 </para> 409 439 </listitem> … … 414 444 Go to the other tab, 415 445 <guilabel>Members</guilabel> 416 , if there are any changes to do otherwise press446 , if there are any changes to do otherwise use 417 447 <guibutton>Save</guibutton> 418 to save the values or448 to save the settings or 419 449 <guibutton>Cancel</guibutton> 420 450 to abort. … … 424 454 </seeother> 425 455 </helptext> 426 456 427 457 <helptext external_id="group.edit.membership" title="Edit group members"> 428 458 <sect3 id="user_administration.groups.edit.members"> … … 431 461 A group can have both single users and whole groups as members. Group 432 462 members have access to those items that are shared to the group. Each user 433 in the group can choose to share their own items to one or more of the other434 members or to the whole group.463 in the group has the possibility to share their own items to one or more of 464 the other members or to the whole group. 435 465 </para> 436 466 <para> … … 444 474 </sect3> 445 475 <para> 446 Go to the group tab if there are any changes to do, otherwise press476 Go to the other tab if there are any changes to do, otherwise use 447 477 <guibutton>Save</guibutton> 448 478 to save the values or … … 455 485 </helptext> 456 486 </sect2> 457 458 487 </sect1> 459 488 460 489 <sect1 id="user_administration.roles"> 461 490 <title>Roles administration</title> 462 <para></para> 491 <para> 492 Roles are different kinds of working positions that users can have, like server 493 adminstrator or regular user just to mention two. The permissions for a role are set 494 depending on what it is going to do in BASE. 495 </para> 496 <para> 497 Users are normally assigned a role, perhaps more then one, when they are 498 created and registered in BASE. 499 </para> 500 501 <sect2 id="user_administration.roles.edit"> 502 <title>Edit role</title> 503 <para> 504 Creating a new role or editing the system-roles are something that don't needs to be 505 done very often. The existing roles will normaly be enough but there can be some 506 cases when they need to be complemented, either with a new role or with different 507 permissions. 508 </para> 509 <helptext external_id="role.edit" title="Edit role"> 510 <sect3 id="user_administration.roles.edit.properties"> 511 <title>Properties</title> 512 <para></para> 513 <variablelist> 514 <varlistentry> 515 <term> 516 <guilabel>Name</guilabel> 517 </term> 518 <listitem> 519 <para>The role's name. (Required)</para> 520 </listitem> 521 </varlistentry> 522 <varlistentry> 523 <term> 524 <guilabel>System-level permissions</guilabel> 525 </term> 526 <listitem> 527 <itemizedlist> 528 <listitem><simpara> 529 With 530 <guilabel>Share to Everyone</guilabel> 531 set the role is allowed to share items to the system-group 532 'Everyone'.</simpara> 533 </listitem> 534 <listitem><simpara> 535 <guilabel>Act as another user</guilabel> 536 - property makes it possible for the one with this role to 537 login from the menu bar as another user. This is used by job 538 agents when they should act as the user who started the job.</simpara> 539 </listitem> 540 </itemizedlist> 541 </listitem> 542 </varlistentry> 543 <varlistentry> 544 <term> 545 <guilabel>Description</guilabel> 546 </term> 547 <listitem> 548 <para>Description and information about the role.(Optional)</para> 549 </listitem> 550 </varlistentry> 551 </variablelist> 552 <para> 553 Set the properties and procceed then to either one of the other tabs or by 554 clicking on one of the buttons: 555 <guibutton>Save</guibutton> 556 to save the changes or 557 <guibutton>Cancel</guibutton> 558 to abort. 559 </para> 560 </sect3> 561 <seeother> 562 <other external_id="role.edit.permissions">Role permissions</other> 563 <other external_id="role.edit.members">Role members</other> 564 </seeother> 565 </helptext> 566 567 <helptext external_id="role.edit.permissions" title="Edit role permissions"> 568 <sect3 id="user_administration.roles.edit.permissions"> 569 <title>Permissions</title> 570 <para> 571 A role's permissions are defined for each item type within BASE 2. Set the 572 role's permission on an item type by first selecting the item(s) in the 573 list and then tick those permissions that should be applied. Not all 574 permissions can be applied to every item type, that's why permission 575 checkboxes becomes disabled when selecting some of the item types 576 </para> 577 <para> 578 After each item type is a string inside square brackets that shows what kind 579 of permissions the current role has on that particular item type. The 580 permissions that don't have been set are viewed with '-' inside the square 581 brackets and those which have been set are represented with characters that 582 are listed below. 583 </para> 584 <itemizedlist spacing="compact"> 585 <listitem> 586 <simpara> 587 <guilabel>DENIED</guilabel> 588 = Deny access to the selected item. This exclude all the other 589 permissions by unchecking the other check boxes. 590 </simpara> 591 </listitem> 592 <listitem> 593 <simpara> 594 <guilabel>C</guilabel> 595 = Create 596 </simpara> 597 </listitem> 598 <listitem> 599 <simpara> 600 <guilabel>R</guilabel> 601 = Read 602 </simpara> 603 </listitem> 604 <listitem> 605 <simpara> 606 <guilabel>U</guilabel> 607 = Use 608 </simpara> 609 </listitem> 610 <listitem> 611 <simpara> 612 <guilabel>W</guilabel> 613 = Write 614 </simpara> 615 </listitem> 616 <listitem> 617 <simpara> 618 <guilabel>D</guilabel> 619 = Delete 620 </simpara> 621 </listitem> 622 <listitem> 623 <simpara> 624 <guilabel>O</guilabel> 625 = Take ownership 626 </simpara> 627 </listitem> 628 <listitem> 629 <simpara> 630 <guilabel>P</guilabel> 631 = Set permission 632 </simpara> 633 </listitem> 634 </itemizedlist> 635 <para> 636 Set the role's permission on each one of the item types and procceed then to 637 one of the other tabs or click on one of the buttons: 638 <guibutton>Save</guibutton> 639 to save the changes or 640 <guibutton>Cancel</guibutton> 641 to abort. 642 </para> 643 </sect3> 644 <seeother> 645 <other external_id="role.edit">Edit properties</other> 646 <other external_id="role.edit.members">Role members</other> 647 </seeother> 648 </helptext> 649 650 <helptext external_id="role.edit.members" title="Role members"> 651 <sect3 id="user_administration.roles.edit.members"> 652 <title>Members</title> 653 <para> 654 Users that are members of a role are listed in the listbox located on this 655 tab.Members can be added or removed with the two buttons, located to the 656 right of the listbox, 657 <guibutton>Add users…</guibutton> 658 and 659 <guibutton>Remove</guibutton> 660 . 661 </para> 662 <variablelist> 663 <varlistentry> 664 <term>Add users to list</term> 665 <listitem> 666 <para> 667 Click on 668 <guibutton>Add users…</guibutton> 669 and select the users that should be added from the list in the 670 pop-up window. Press then on 671 <guibutton>Ok</guibutton> 672 button to close the pop-up window and add the selected users. 673 Use 674 <guibutton>Cancel</guibutton> 675 or just close the pop-up to abort and return to main window. 676 </para> 677 </listitem> 678 </varlistentry> 679 <varlistentry> 680 <term>Remove users from list</term> 681 <listitem> 682 <para> 683 Members are removed from the list by first selecting them and 684 then pressing 685 <guibutton>Remove</guibutton> 686 . The selected user(s) are removed immediately. 687 </para> 688 </listitem> 689 </varlistentry> 690 </variablelist> 691 <para> 692 Press 693 <guibutton>Save</guibutton> 694 to save the role or go to one of the other tabs if there are more that needs 695 to be set. Use 696 <guibutton>Close</guibutton> 697 to abort and close the window without saving the changes. 698 </para> 699 </sect3> 700 <seeother> 701 <other external_id="role.edit">Edit properties</other> 702 <other external_id="role.edit.permissions">Role permissions</other> 703 </seeother> 704 </helptext> 705 </sect2> 706 463 707 <sect2 id="user_administration.roles.defaultroles"> 464 708 <title>Default roles</title> 465 709 <para> 466 There some default roles that come with BASE2. These are configured to cover the710 There are some default roles that come with BASE2. These are configured to cover the 467 711 normal user roles that can appear. A more detailed description of the different 468 712 roles and when to use them follows here. … … 473 717 <listitem> 474 718 <para> 475 This role gives the user full permission to everything in BASE and also476 possibility to share items with the system-group 'Everyone'. Users that477 are supposed to administrate the server, usersaccounts, groups etc.719 This role gives the user full permission to do everything in BASE and 720 also possibility to share items with the system-group 'Everyone'. Users 721 that are supposed to administrate the server, user accounts, groups etc. 478 722 should have this role. 479 723 </para> … … 485 729 <para> 486 730 Users that are members of this role has permission to read everything in 487 BASE. This role doesn't let the members to actually do anything in BASE488 except read .731 BASE. This role doesn't let the members to actually do anything in BASE 732 except read and supervise. 489 733 </para> 490 734 </listitem> … … 504 748 <listitem> 505 749 <para> 506 Role for regular users to have. This allows the members to do common 507 things in BASE as analysis, creating biomaterials and experiments and so 508 on. 750 A role that is suitable for any ordinary users. This allows the members 751 to do common things in BASE as analysis, creating biomaterials and 752 experiments and so on. 753 </para> 754 </listitem> 755 </varlistentry> 756 <varlistentry> 757 <term>Guest</term> 758 <listitem> 759 <para> 760 This is a role with limited access to create new things. It is useful 761 for those who wants to have peek at the program. 762 </para> 763 </listitem> 764 </varlistentry> 765 <varlistentry> 766 <term>Job agent</term> 767 <listitem> 768 <para> 769 This role is given to the job agents and allows them to read and execute 770 jobs. Job agents always runs the jobs as the user who created the job 771 and therefore it have to be able to act as another user. No more 772 permissions then these are needed for job agents. 509 773 </para> 510 774 </listitem> … … 512 776 </variablelist> 513 777 </sect2> 514 515 <sect2 id="user_administration.roles.edit">516 <title>Edit role</title>517 <para></para>518 <helptext external_id="role.edit" title="Edit role">519 <sect3 id="user_administration.roles.edit.properties">520 <title>Properties</title>521 <para></para>522 <variablelist>523 <varlistentry>524 <term>525 <guilabel>Name</guilabel>526 </term>527 <listitem>528 <para>The name of the role. (Required)</para>529 </listitem>530 </varlistentry>531 <varlistentry>532 <term>533 <guilabel>System-level permissions</guilabel>534 </term>535 <listitem>536 <itemizedlist>537 <listitem>538 <para>539 With540 <guilabel>Share to Everyone</guilabel>541 set the role is allowed to share items to the542 system-group 'Everyone'.543 </para>544 </listitem>545 <listitem>546 <para>547 <guilabel>Act as another user</guilabel>548 - property makes it possible for the one with this role549 to login from the menu bar as another user. This is used550 by job agents when they should act as the user who551 started the job.552 </para>553 </listitem>554 </itemizedlist>555 </listitem>556 </varlistentry>557 <varlistentry>558 <term>559 <guilabel>Description</guilabel>560 </term>561 <listitem>562 <para>Description and information about the role.(Optional)</para>563 </listitem>564 </varlistentry>565 </variablelist>566 <para>567 Set the properties and procceed then to either one of the other tabs or by568 clicking on one of the buttons:569 <guibutton>Save</guibutton>570 to save the changes or571 <guibutton>Cancel</guibutton>572 to abort.573 </para>574 </sect3>575 <seeother>576 <other external_id="role.edit.permissions">Role permissions</other>577 <other external_id="role.edit.members">Role members</other>578 </seeother>579 </helptext>580 581 <helptext external_id="role.edit.permissions" title="Edit role permissions">582 <sect3 id="user_administration.roles.edit.permissions">583 <title>Permissions</title>584 <para>585 A role's permissions are defined for each item type within BASE 2. Set the586 role's permission on an item type by first selecting the item(s) in the587 list and then tick those permissions that should be applied. Not all588 permissions can be applied to every item type, that's why permission589 checkboxes becomes disabled when selecting some of the item types590 </para>591 <para>592 After each item type is a string inside square brackets that shows what kind593 of permissions the current role has on that particular item type. The594 permissions that don't have been set are viewed with '-' inside the square595 brackets and those which have been set are represented with characters that596 are listed below.597 </para>598 <itemizedlist spacing="compact">599 <listitem>600 <guilabel>DENIED</guilabel>601 = Deny access to the selected item. This exclude all the other602 permissions by unchecking the other check boxes.603 </listitem>604 <listitem>605 <guilabel>C</guilabel>606 = Create607 </listitem>608 <listitem>609 <guilabel>R</guilabel>610 = Read611 </listitem>612 <listitem>613 <guilabel>U</guilabel>614 = Use615 </listitem>616 <listitem>617 <guilabel>W</guilabel>618 = Write619 </listitem>620 <listitem>621 <guilabel>D</guilabel>622 = Delete623 </listitem>624 <listitem>625 <guilabel>O</guilabel>626 = Take ownership627 </listitem>628 <listitem>629 <guilabel>P</guilabel>630 = Set permission631 </listitem>632 </itemizedlist>633 <para>634 Set the role's permission on each one of the item types and procceed then to635 one of the other tabs or click on one of the buttons:636 <guibutton>Save</guibutton>637 to save the changes or638 <guibutton>Cancel</guibutton>639 to abort.640 </para>641 </sect3>642 <seeother>643 <other external_id="role.edit">Edit properties</other>644 <other external_id="role.edit.mebers">Role members</other>645 </seeother>646 </helptext>647 648 <helptext external_id="role.edit.members" title="Role members">649 <sect3>650 <title>Members</title>651 <para>652 Users that are members of a role are listed in the listbox located on this653 tab.Members can be added or removed with the two buttons, located to the654 right of the listbox,655 <guibutton>Add users…</guibutton>656 and657 <guibutton>Remove</guibutton>658 .659 </para>660 <variablelist>661 <varlistentry>662 <term>Add users to list</term>663 <listitem>664 <para>665 Click on666 <guibutton>Add users…</guibutton>667 and select the users that should be added from the list in the668 pop-up window. Press then on669 <guibutton>Ok</guibutton>670 button to close the pop-up window and add the selected users.671 Use672 <guibutton>Cancel</guibutton>673 or just close the pop-up to abort and return to main window.674 </para>675 </listitem>676 </varlistentry>677 <varlistentry>678 <term>Remove users from list</term>679 <listitem>680 <para>681 Members are removed from the list by first selecting them and682 then pressing683 <guibutton>Remove</guibutton>684 . The selected user(s) are removed immediately.685 </para>686 </listitem>687 </varlistentry>688 </variablelist>689 <para>690 Press691 <guibutton>Save</guibutton>692 to save the role or go to one of the other tabs if there are more that needs693 to be set. Use694 <guibutton>Close</guibutton>695 to abort and close the window without saving the changes.696 </para>697 </sect3>698 <seeother>699 <other external_id="role.edit">Edit properties</other>700 <other external_id="role.edit.permissions">Role permissions</other>701 </seeother>702 </helptext>703 </sect2>704 778 </sect1> 705 779 706 780 <sect1 id="user_administration.quota"> 707 781 <title>Disk space/quota</title> 708 <para></para> 782 <para> 783 The administrator can control the maximum size of disk space that each user should be 784 able to use. Also groups can have limited disk quota and this will effect when an user 785 is saving something to the database that is disk consuming. The most restricted one of 786 the group's quota and user's quota will be valid and the user will be denied to store 787 the item on the server if one of the disk quotas is filled. 788 </para> 789 <para> 790 More about a user's quota and quota group can be found in 791 <xref linkend="user_administration.groups.edit" /> 792 and 793 <xref linkend="user_administration.users.edit" /> 794 </para> 795 <para> 796 The list of quotas in BASE can be found by using the menu 797 <menuchoice> 798 <guimenu>Administrate</guimenu> 799 <guimenuitem>Quota</guimenuitem> 800 </menuchoice> 801 . 802 </para> 803 804 <sect2 id="user_administration.quota.edit"> 805 <title>Edit quota</title> 806 <para> 807 The edit window has two tabs, one with information about the quota and one 808 where the limits are defined. 809 </para> 810 <helptext external_id="quota.edit" title="Edit properties"> 811 <sect3 id="user_administration.quota.edit.properties"> 812 <title>Properties</title> 813 <variablelist> 814 <varlistentry> 815 <term> 816 <guilabel>Name</guilabel> 817 </term> 818 <listitem> 819 <para>Name of the quota (Required).</para> 820 </listitem> 821 </varlistentry> 822 <varlistentry> 823 <term> 824 <optional> 825 <guilabel>Description</guilabel> 826 </optional> 827 </term> 828 <listitem> 829 <para> 830 Description of the quota(Optional). It could be a good idea to 831 describe the quota's details here. Use the magnifying glas to 832 edit the text in a larger text area. 833 </para> 834 </listitem> 835 </varlistentry> 836 </variablelist> 837 <para> 838 Go to the other tab if there are values that haven't been set. 839 Otherwise use 840 <guibutton>Save</guibutton> 841 to save the settings or 842 <guibutton>Cancel</guibutton> 843 to abort. 844 </para> 845 </sect3> 846 </helptext> 847 848 <helptext external_id="quota.edit.values" title="Edit values"> 849 <sect3 id="user_administration.quota.edit.values"> 850 <title>Values</title> 851 <para> 852 The quota values are defined here, both for the primary location and the 853 secondary location. Use the check box to the right of the input fields to 854 set unlimited quota. 855 </para> 856 <variablelist> 857 <varlistentry> 858 <term> 859 <guilabel>Total</guilabel> 860 </term> 861 <listitem> 862 <para> 863 Limit of total quota. The sum of the other three quotas doesn't 864 have to be the same as this, it is always the most restricted 865 value that is used.(Required) 866 </para> 867 </listitem> 868 </varlistentry> 869 <varlistentry> 870 <term> 871 <optional> 872 <guilabel>Files</guilabel> 873 </optional> 874 </term> 875 <listitem> 876 <para>Limit of disk space to save files in.(Optional)</para> 877 </listitem> 878 </varlistentry> 879 <varlistentry> 880 <term> 881 <optional> 882 <guilabel>Raw data</guilabel> 883 </optional> 884 </term> 885 <listitem> 886 <para>Disk space to save Raw data in.(Optional)</para> 887 </listitem> 888 </varlistentry> 889 <varlistentry> 890 <term> 891 <optional> 892 <guilabel>Experiments</guilabel> 893 </optional> 894 </term> 895 <listitem> 896 <para> 897 Limit of disk space that can be used by experiments.(Optional) 898 </para> 899 </listitem> 900 </varlistentry> 901 </variablelist> 902 <para> 903 When everything have been set the quota is saved by using 904 <guibutton>Save</guibutton> 905 . To discard changes use 906 <guibutton>Cancel</guibutton> 907 . 908 </para> 909 </sect3> 910 </helptext> 911 </sect2> 709 912 </sect1> 710 913 </chapter>
Note: See TracChangeset
for help on using the changeset viewer.
