GPMSWiki/CoreDocumentation/Implementation: Difference between revisions

From BRF-Software
Jump to navigation Jump to search
imported>LutzKrause
No edit summary
imported>LutzKrause
No edit summary
Line 165: Line 165:
extensively uses different roles for a sophisticated access control.  
extensively uses different roles for a sophisticated access control.  


#
  # ROLES defined for GenDB-2.0  
  # ROLES defined for GenDB-2.0  
  #
  #
Line 237: Line 236:
         RIGHT basic_access   
         RIGHT basic_access   


####################################
  ### RIGHTS defined for GenDB-2.0 ###
  ### RIGHTS defined for GenDB-2.0 ###
####################################


  PROJECT_CLASS GENDB  
  PROJECT_CLASS GENDB  
Line 318: Line 315:


{| border="1" cellpadding="2" cellspacing="0"
{| border="1" cellpadding="2" cellspacing="0"
| name  
| name
| description  
| description
|-
|-
| add_host  
| add_host  
Line 357: Line 353:
| add_user  
| add_user  
|  register a new  User
|  register a new  User
|-
|-
| add_member  
| add_member  
Line 402: Line 397:
| del_user  
| del_user  
|  remove a  User from the GPMS
|  remove a  User from the GPMS
|-
|-
| del_member  
| del_member  
Line 416: Line 410:
|-
|-
|  all  Members of all  Projects of a  ProjectClass to a file
|  all  Members of all  Projects of a  ProjectClass to a file
|-
|-
| rem_datasource_from_project  
| rem_datasource_from_project  
Line 435: Line 428:
| list_extern_user  
| list_extern_user  
|  print list of all extern  Users  
|  print list of all extern  Users  
|}
|}



Revision as of 12:42, 25 April 2005

Implementation

This chapter contains details about the implementation of the GPMS. We describe the datamodel for the relational database and explain the attributes of each class. Sample descriptions for the definition of roles and rights complement this section by illustrating the implementation of fine-grained access control.

Database schema for the GPMS

The GPMS was developed as an object-oriented application based on the data model described in the previous section. Since the GPMS required a persistent storage backend we decided to use the O2DBI-2 system which automatically maps the XML class descriptions onto tables that can be stored in a relational database (auto-generated object-relational mapping of Perl objects). At the same time, O2DBI-2 provides a client-server architecture that allows remote connections to the system via a Perl or C++ client. The automatically generated Perl server modules for all described classes have been extended with additional functionality and thus form the GPMS-API. MySQL is currently used as the database backend but other relational database management systems (RDBMS) can be used as they are supported by the O2DBI-2 software. Figure 1 displays the current database schema for the GPMS database (GPMSDB) as it has been generated by O2DBI-2.

File:GPMSWiki$$CoreDocumentation$$Implementation$DBSchemaGPMS.png

Class descriptions

The following sections briefly describe the relevant classes of the data schema (see figure 1). The five core classes Project, User, Member, Role and DataSource are complemented by several simple classes that store additional information.

Project

projects are the central components of the GPMSDB. They connect all relevant classes. projects have a unique name, an additional description, special configurations (e.g. global project settings), and a list of datasources. Each project belongs to a specific projectclass that is described later in this document. The general class project has been extended by several subclasses that can be used to model individual properties and features of special types of projects (e.g. a textitProject::GENDB defines an additional genetic code. GenDB is an annotation system developed at the Center for Genome Research, Bielefeld University).

ProjectClass

A projectclass arranges projects of the same type into groups. Additionally, a projectclass determines the available roles and rights for the individual projects. Hence roles and rights do not have to be defined for every project but only once for all projects of the same projectclass. This approach reduces the complexity of the system and the required work when administering projects. At the same time a concise representation of all project related data is achieved and a consistent use of roles and their corresponding permissions can be ensured. A projectclass has a name and a description. An optional default configuration file can be specified that contains standard configuration parameters. The max_instance_number can be set to define a maximal number of projects of a projectclass an application can open at the same time.

User

Basic user data is stored in user objects. Each user object has to provide a name, a login and an email address. A special flag can be set to determine whether the user is an internal or external (e.g. has access only via web frontends) user.

Member

A user has to become a member of a project in order to gain access to a Project's data. Therefore, a member object relates a user to a project. Each member is also assigned a role that defines the level of access for that project (see description of Role below). Individual configurations for a project can be stored in the User_Project_Configs.

Affiliation

Affiliations allow to associate users and projects with an institution (e.g. CeBiTec). In the various web portals (e.g. MGE Portal) at the CeBiTec users may only request access to projects that belong to the same affiliation. Each user and project is assigned to an affiliation.

Role

Each member of a project has a specific role that determines the level of access and the User's permissions for that project. For example, access can be granted on a very low level with read-only permissions or with complete access onto all data, even with the right to delete everything. Therefore, roles have a list of rights that further define such privileges. Note that roles are defined for a projectclass, not for each single project. An additional "extern" flag can be used to allow setting this role via the web frontend by external project managers. The "script" attribute can be used to store some code that is automatically executed for newly created members with this role.

Rights

rights determine the permissions of a member for a specific project. rights are associated with database privileges. If a user is added to a project as a member all the privileges determined by the rights of the corresponding role will be granted to the user. rights are defined for a projectclass, not for a single project. This approach does not only simplify the maintenance of projects but also ensures a consistent use of roles for all users that have access to projects of a specific projectclass.

DB_Privileges

DB_Privileges refer to a gpmsright and represent the DBMS-specific access privileges. They are always defined for a specific datasourcetype (see below).

DataSource

Applications often need to access and store persistent external data. These are provided as a datasource which is attached to a project. datasources have a name, a description, a host and a datasourcetype. The class "DataSource" has been extended by two special types of data-sources, a database ( DB) and a so called Application Server (see description of DataSource::ApplicationServer below).

Host

Information about the host of a typical datasource are stored in host objects. Each host has a name, a port and a description.

DataSource_Type

The datasourcetype determines the specific type of a datasource. For databases the datasourcetype can also contain a reference to a file that defines the database schema so that a newly created database can be filled with all tables automatically after creation. A project may only have one DB and one ApplicationServer of each datasourcetype so that the connection to the correct datasource can be established automatically.

DataSource::ApplicationServer

An ApplicationServer is a generic datasource that can provide data for an application. The class inherits all attributes of the datasource class and has an additional url and a socket. Note that a project may only have one ApplicationServer of each datasourcetype (see description of DataSource_Type).

DataSource::DB

This class represents all kinds of databases and extends the datasource class. In addition to all inherited attributes of the datasource class a textitDataSource::DB is described by a dbmstype and a dbapi. Note that a project may only have one textitDataSource::DB of each individual datasourcetype (see description of DataSource_Type).

DBMS_Type

The dbmstype describes the database management system that is used to store the databases (e.g. mysql). A dbmstype has a name and a version number.

DB_API_Type

The dbapi is a special class that can be used to define an api for accessing a database ( DataSource::DB). For our purposes this is in most cases an O2DBI or an OI interface.

Project::Meta

Project::Meta is a generic project subclass that combines several arbitrary projects to a new project. A meta-project provides a list of member-projects and inherits all the attributes of project.

Role and Right definitions

The following paragraphs describe the roles and rights as defined for the genome annotation system GenDB-2.0 which extensively uses different roles for a sophisticated access control.

# ROLES defined for GenDB-2.0 
#
PROJECT_CLASS GENDB
# user with read only permissions and almost completely restricted access
# Roles with the tag ext can be assigned to members via the external
# GPMS web frontend. Roles without this tag are not listed in the ext.
# web frontend.
ROLE Guest ext
        RIGHT basic_access 
# user who is allowed to write annotations and recompute the observations
# for a single region
ROLE Annotator ext
        RIGHT basic_access
        RIGHT annotate
        RIGHT export_region_data
        RIGHT recompute
# (external) user who is allowed do most of the necessary tasks to maintain a project
# (e.g. import/export/edit/delete sequence, add tools and submit all jobs)
# this role should be used if several persons have to edit the sequence e.g. to correct frameshifts
ROLE Maintainer
        RIGHT basic_access
        RIGHT recompute
        RIGHT submit_jobs
        RIGHT contig_import_export              
        RIGHT edit_sequence
        RIGHT add_tools
        RIGHT export_region_data
        RIGHT delete_contig
        RIGHT annotate
        RIGHT region_prediction
# user who is responsible for the database and for the solution of bugs and problems
# can do almost everything and also MODIFY THE DATABASE (e.g. alter table)
ROLE Developer
        RIGHT contig_import_export
        RIGHT region_prediction
        RIGHT submit_jobs
        RIGHT recompute
        # frame-shift correction and contig update
        RIGHT edit_sequence 
        RIGHT add_tools
        RIGHT export_region_data
        RIGHT delete_contig
        RIGHT configure_project
        RIGHT basic_access
        RIGHT annotate
        RIGHT modify_db
# user who is responsible for the project (in the majority of cases this is one of the  
# GenDB developers in Bielefeld), can do everything (e.g. configure project) except  
# modifying the database
# has to add Maintainers, Annotators and Guests but cannot add Developers
ROLE Chief
        RIGHT annotate
        RIGHT add_user
        RIGHT contig_import_export
        RIGHT region_prediction
        RIGHT submit_jobs
        RIGHT recompute
        # frame-shift correction and contig update
        RIGHT edit_sequence 
        RIGHT add_tools
        RIGHT export_region_data
        RIGHT delete_contig
        RIGHT configure_project
        RIGHT basic_access  
### RIGHTS defined for GenDB-2.0 ###
PROJECT_CLASS GENDB 
RIGHT basic_access
        DS_TYPE GENDB
                DB select
        DS_TYPE GPMSDB
                DB select
                TABLE sessions delete update insert 
                TABLE sessions_not_permanent delete update insert
                TABLE sessions_permanent delete update insert
                TABLE Member_User_Project_Configs update delete insert
                TABLE Member_User_Project_Configs_hash_value update delete insert       
                TABLE ProjectManagement_counters update
RIGHT annotate
        DS_TYPE GENDB
                DB insert update   
RIGHT export_region_data 
RIGHT recompute
        DS_TYPE GENDB
                DB delete update insert 
RIGHT submit_jobs
        DS_TYPE GENDB
                DB insert update delete
RIGHT contig_import_export
        DS_TYPE GENDB
                DB insert update delete
# may only be granted to user if user has right annotate
RIGHT edit_sequence 
        DS_TYPE GENDB 
                DB update insert 
RIGHT add_tools
        DS_TYPE GENDB
                DB insert update  
RIGHT delete_contig
        DS_TYPE GENDB
                DB delete 
RIGHT region_prediction
        DS_TYPE GENDB
                DB insert update delete
RIGHT configure_project
        DS_TYPE GENDB
                DB insert update delete
RIGHT modify_db
        DS_TYPE GENDB
                DB insert update delete alter index create drop references
RIGHT add_user
        DS_TYPE GENDB
                DB grant insert update delete 
        DS_TYPE GPMSDB

Interfaces

In this section we describe several ways for accessing and using the GPMS. In addition to the API that allows programmers to directly manipulate all objects stored in the database we provide a number of scripts for maintaining the system and a Gtk graphical user interface for the management of users and project members. A simplified web frontend was also implemented that supports a restricted user management for "external" maintainers of projects.

GPMS scripts

The scripts listed in table 1 can be used to initially set up the system and for maintaining projects, users, and their memberships.

name description
add_host add a new Host to the GPMS
add_datasource_!type register a new DataSource
add_db_api_!type register a new API_Type
add_dbms_!type create a DBMS_Type
add_db create a new Database
add_project_class create a new ProjectClass
add_project create a new Project
add_datasource2project add a DataSource to a Project
add_project_config add configurations to a Project
add_role read and store the Role definitions for a ProjectClass
add_rights parse a Right definition-file and store it in the GPMS
add_user register a new User
add_member add an existing User as a new Member to a Project
add_meta_project create a new MetaProject
add_project2meta_project add a Project to a MetaProject
del_host remove a Host
del_datasource_!type delete a DataSource_Type
del_datasource remove a DataSource from the GPMS
del_db_api_!type delete a DB_API_Type
del_dbms_!type remove a DBMS_Type from the GPMS
del_project_class delete a ProjectClass from the GPMS
del_project delete a Project
del_project_config remove configurations from a Project
del_role remove roles from a ProjectClass
del_rights delete rights from a ProjectClass
del_user remove a User from the GPMS
del_member remove a User from a Project
change_member_role change the Role of an existing Member
export_members print a list of all Members of a Project or
all Members of all Projects of a ProjectClass to a file
rem_datasource_from_project remove a DataSource from a Project
rem_project_from_meta_project remove a Project from a MetaProject
list_project_members print a list of all Members of a Project
list_projects print a list of all Projects and Roles available for the Project
list_user_projects display a list of all Projects that can be accessed by a User
list_extern_user print list of all extern Users

Available scripts for manipulating the GPMS. All currently implemented scripts for manipulating the GPMS are listed above. Executing a script without parameters will print a detailed description and a complete list of available options.

All scripts listed above are executed using the wrapper script GPMS which sets several installation specific environment variables. Executing this script without parameters will list all available scripts and print a usage message. The following paragraphs describe the use of each script and introduce their options.

add_datasource2project

add a Datasource to a Project in the GPMS

usage: add_datasource2project -D <datasource name> -p <project name> [-v]

where: -D <datasource name> name of the Datasource

      -p <project name> the Proejcts name
      -v verbose 
      -h print this help message

example: add_datasource2project -D gendb_test -p gendbtest

add_datasource_!type

add a Datasource_Type to project management database

usage: add_datasource_!type -y <name> [-s <SQL_dump_file> -v]

where: -y <name> the Datasource_Types name

      -s <SQL_dump_file> SQL dump file, with SQL statements creating
                         a Database of this Type
      -v verbose
      -h print this help message

example: add_datasource_!type -y GENDB -s /vol/gendb/src/dbschema/GenDB.sql

add_db

add a Database (Datasource::DB) to project management database

usage: add_db -H <hostname> -t <dbms_!type> -y <datasource_!type>

             -A <db_api_!type> ( -D db_name | -p <project> )
             [-d <description> -e -v]

where: -H <hostname> name of the Databases Host

      -t <dbms_!type> name of the Databases DBMS_Type
      -y <datasource_!type> name of the Databases Datasource_Type
      -A <db_api_!type name> name of the Datasourced DB_API_Type
      -D the Databases name
         if -D is omitted Database gets same name as Project
      -p <project> name of Project the Database shall be added to
                   Note that either -D or -p or both must be specified
      -d <description> text describing the Database
      -e register existing Database to gpms and therefore
         without creating MySQL Database
      -v verbose
      -h print this help message

example: add_db -D gendb_test -H dbhost -t MySQL-3.23.27 -y GENDB -A O2DBI2

add_dbms_!type

add a DBMS_Type to project management database

usage: add_dbms_!type -t <name> -V <version number>

where: -t <name> the DBMS_Types name

      -V <version number> the DBMS_Types version
      -h print this help message

example: add_dbms_!type -t MySQL -V '3.23.27'

add_project2meta_project

add a Project to a META Project in the GPMS

usage: add_project2meta_project -p <project_name> -m <meta_project_name> [-v]

where: -p <project_name> the Projects name

      -m <meta_project_name> name of the META Project
      -v verbose
      -h print this help message

example: add_project2meta_project -p gendb_test -m meta_test

del_project

removes a Project and the project members from the GPMS

usage: del_project -p <project name> [-z -v]

where: -p <project name> name of the Project

      -z drop and remove the Projects Databases and Datasources not used by 
         any other Project from the gpms databases
      -v verbose 
      -h print this help massage

example: del_project -p gendb_test

add_host

add a Database Host to project management database

usage: add_host -H <hostname> [-P <port number>] [-d <description>]

where: -H <hostname> the Hosts name

      -P <port number> the Hosts port number
      -d <description> text decribing the Host
      -h print this help message

example: add_host -H dbhost

add_member

add a new Member to a Project in project management database

usage: add_member -l <user login> -p <project name> -r <role> [-v]

where: -l <user login> User login of new Member

      -p <project name> name of Project the User shall be added to as Member
      -r <role> the new Members Role
      -v verbose 
      -h print this help message

example: add_member -l juser -p gendb_test -r Annotator

add_meta_project

use add_project with -m option!

add_project

add a new Project to project management database

usage: add_project -p <name> -c <project_class> -d <description>

      [-v -s <project sub class>]

where : -p <name> the Projects name

       -c <project_class> the Projects Project_Class
       -d <description> Project description
       -s <project sub class> subclass of ProjectManagement::Project
          available subclasses: EMMA, GenDB, ProDB, Biomake, GPMS, META, WHOIS
       -v verbose
       -h print this help message

example: add_project -p gendb_test -c GENDB -d "The GenDB DB" -s GenDG

del_rights

removes single Right or all Rights of a Project_Class from the GPMS

Note: before script can be used all Roles using the Rights of the Project_Class

     must be removed!

usage: del_rights -c project_class (-r <right_name> | -a) [-v]

where: -r <right_name> name of a single Right to be removed

      -a remove all rights of the Project_Class
      -v verbose
      -h print this help message

example: del_rights -r use_gpmsdb -c GENDB

add_project_class

add a Project_Class to project management database

usage: add_project_class -c <project class name> [-d description]

                        [-i <max instance number> -u <config file>]

where : -c <project class name> name of new Project_Class

       -d <description> description of new Project_Class
       -i <max instance number> maximal number of Projects a
          Meta Project of this Project_Class may contain 
       -u <config file> default config file for new Projects of this Class
       -h print this help message

example: add_project_class -c GENDB -d GENDB Projects

add_project_config

add Project Configs to project management system

usage: add_project_config -p <project> -k <config_key> -V <config_value>

where: -p <project> the Projects name

      -k <config_key> the key of the Config to be added,
                      since Project Configs are a hash
      -V <config_value> the Configuration values
      -h print this help message

example: add_project_config -p gendb_test -k genetik_code -V 11

add_rights

adds new Rights to Project_Class to project management database

usage: add_rights -f <file name> [-v]

where: -f <file name> name of file defining the Rights

      -v verbose
      -h print the help message

example: add_rights.pl -f "/vol/gendb/src/rights"

add_role

add new Roles to a Project_Class in project management database

usage: add_role -f <file_name> [-v]

where: -f <file name> name of file defining the Roles to be added

      -v verbose
      -h print this help message

example: add_role -f roles.txt

add_user

add a User to project management database

usage: add_user -l <login> -f <full name> [-e <email address> -x]

where: -l <login> the Users login

      -f <full name> the Users surname and first name
      -e <email address> the Users email adress
      -x User is extern
      -h print this help message

example: add_user -l juser -f 'Joe User' -e juser@Genetik.Uni-Bielefeld.DE

change_member_role

change the Role from a Project Member

usage: change_member_role.pl -l <user login> -p <project> -r <role> [-v]

where: -l <user login> the Members login

      -p <project> name of the Project
      -r <role> the new Role the Member shall get
      -v verbose
      -h print this help message

example: change_member_role.pl -l juser -p gendbtest -r Annotator

del_datasource

removes a Datasource from project management database

usage: del_datasource.pl -D <datasource name> [-z -v]

where: -D <datasource name> the Datasouces name

      -z drop database from the MySQL DB
      -v verbose
      -h print this help message

example: del_datasource.pl -D gendb_test -z

del_datasource_!type

removes a Datasource_Type from project management database

usage: del_datasource_!type.pl -y <datasource_!type name>

where: -y <datasource_!type name> name of the Datasource_Type to be removed

      -h print this help message

example: del_datasource_!type.pl -y GENDB

del_dbms_!type

removes a DBMS_Type from project management database

usage: del_dbms_!type -n <dbms_!type_name> -V <version> [-v]

where: -n <dbms_!type_name> name of the DBMS_Type

      -V <version> the DBMS_Types version
      -v verbose
      -h print this help message

example: del_dbms_!type -n MySQL -V 3.23.48

del_host

removes a Host from project management database

usage: del_host -H <host_name> name

where: -H <host_name> name of Host to be removed

      -h print this help message

example: del_host -H dbhost

del_member

removes single or all Members from a Project

usage: del_member ( -a | -l <user login> [-q] ) -p <project name> [-f -v]

where: -p <project name> name of the Project

      -a remove all Members from Project
      -l user login from single Member to be removed
      -q do not revoke MySQL privileges when removing single Member
      -f force: Member is deleted even if the db privileges
                can not be revoked
      -v verbose
      -h print this help message

example: del_member -l jouser -p gendbtest

del_role

removes one or all Roles of a Project_Class from the GPMS

usage: del_role -c <project_class> (-a | -r <role name> ) [-f -v]

where: -c <project_class> name of the Project_Class

      -a remove all Roles of the Project_Class
      -f force, Members of all Projects of Project_Class first
      -v verbose
      -h print this help message

example: del_role -r User -c GENDB

del_project_class

removes a Project_Class from project management database

usage: del_project_class -c <project_class name>

where: -c <project_class name> name of the Project_Class

      -h print this help message

example: del_project_class -c GENDB

del_project_config

delete Project Configs from project management system

usage: del_project_config -p <project_name> -k <config key>

where: -p <project_name> name of the Project

      -k <config key> the key value of configuration entry to be removed
      -h print this help message

example: del_project_config -p gendb_test -k genetik_code

export_members

print a list of all Members of a Project or all Members of all

                Projects of a Project_Class to a file

usage: export_members (-p <project name> | -c <project_class> | -a)

                     -f <file_name>

where: -p <project name> Print all Members of this Project to a file

      -c <project_class name> Print all Members of Projects of this
                              Project_Class to a file
      -a Print all Members of every Project to a file
      -h print this help message

example: export_members -p gendbtest -f gendbtest_members

del_user

removes a User of project management database

usage: del_user -l <login> [-v]

where: -l <login> the Users login

      -v verbose
      -h print this help message

example: del_user -l jouser

rem_datasource_from_project

removes a Datasource from a Project

usage: rem_datasource_from_project -D <datasource_name> -p <project_name>

                                  [-f -v]

where: -D <datasource_name> name of the Datasource to be removed from Project

      -p <project_name> name of the Project
      -f force: also remove datasource even if not all member privileges
                could be revoked
      -v verbose
      -h print this help message

example: rem_datasource_from_project -D gendb_test -p gendb_test_project

list_projects

list Projects with available Roles from

               project management database

usage: list_projects

where: -h print this help message

add_db_api_!type

add a DB_API_Type to project management database

usage: add_db_api_!type -A <db_api_!type name> -d <description> [-v]

where: -A <db_api_!type name> the DB_API_Types name

      -d <description> text describing the DB_API_Type
      -v verbose
      -h print this help message

example: add_db_api_!type -A O2DBI -d "The O2DBI I database api"

list_user_projects

get Projects of a User from project management database

usage: list_user_projects -l <user login>

where: -l <user login> the Users login

      -h print this help message

example: list_user_projects -l juser

del_db_api_!type

removes a DB_API_Type from project management database

usage: del_db_api_!type -A <db_api_!type_name>

where: -A <db_api_!type_name> name of the DB_API_Type

      -h print this help message

example: del_db_api_!type -A O2DBI

list_project_members

list Project Members with their Role

usage: list_project_members -p <Project name> [-r]

where: -p <Project name> the Projects name

      -r sort Members by Role
      -h print this help message

example: list_project_members -p gendb_test

list_extern_users

list_extern_user - list all extern Users and genereates MySQL statements to obtiain

                  consistent MySQL privileges for extern users

usage: list_user_projects [-g]

where: -g generate MySQL statements

      -h print this help message

example: list_user_projects -l juser

rem_project_from_meta_project

removes a Project from a META Project

usage: rem_project_from_meta_project -p <project_name> -m <meta_project_name>

where: -p <project_name> name of Project to be removed from META Project

      -m <meta_project_name> name of META Project
      -h print this help message

example: rem_project_from_meta_project -p gendb_test -m gendb_meta

Using an Application Frame

In addition to the standard classes of the GPMS we have implemented a general framework that simplifies the necessary steps for accessing a project's data. Such an Application Frame uses the GPMS for accessing the datasources of a project and it also provides a number of useful methods that are often needed by the end applications. The following description was directly included from the documentation of the Perl module. inputapplication_frame

Description

    An Application_Frame provides a general framework that
    simplifies using the General Project Management System
    (GPMS). It should be used for all O2DBI connections based on
    the GPMS (see documentation of O2BI by B. Linke for further
    details about master objects etc.).

Concepts

    An Application_Frame acts as a container for all GPMS data
    that are required by an application for connecting to an
    O2DBI database. It provides access to:
    o a ProjectManagement master object
    o an application master object
    o a ProjectManagement::Project object
    o a ProjectManagement::User object
    o a ProjectManagement::Member object
    o the users password
    For using the Application_Frame a subclass has to be created
    that contains an application specific _init_application
    method, that provides the application master (see the
    documentation for _init_application for more detail).  The
    Application_Frame was initially introduced for some
    bioinformatics applications developed at Center for Genome
    Research, Bielefeld University. But it may be used as well
    with every other GPMS based application.

Methods

    o new($login, $passwd [,$gpms_master] [,$errh])
         Constructor, used for creating a new
         GPMS::Application_Frame object that provides the O2DBI
         master objects and all GPMS data relevant for an
         application. $errh is an optional error handler method,
         which is executed if an error occurs. As an argument
         $errh receives a string containing the error message.
         When $errh is specified it will be executed in every
         method called on the object whenever an error occurs.
         The optional argument $gpms_master is a
         ProjectManagement master object. It may be used when
         several Application_Frame objects are supposed to share
         the same GPMS master.
    o errh([$errh])
         Method used to get/set the error handler method. $errh
         is a reference on a subroutine that is executed if an
         error occurs. The only argument that is returned is the
         error message string.
    o login
         This method returns the login name of an user that was
         specified in the constructor method.
    o passwd
         The users password is required for establishing the
         connection to a database. Therefore the password is
         provided by this method.
    o gpms_master([$master])
         This method can be used to get/set the O2DBI master
         object for the GPMS.
    o application_master([$master])
         Get/set the O2DBI master object specific for the
         application or hash of O2DBI master objects if a
         project uses more than one database.
    o user
         Use this method to get the ProjectManagement::User
         object.
    o project([$project])
         This method can be used to get/set the project.
         $project can be a ProjectManagement::Project object or
         simply the name of a project.
    o get_available_projects($type)
         This method returns an array reference of all usable
         projects for the specified user. The type can be used
         to specify a subclass of ProjectManagement::Project
         (e.g. ProjectManagement::Project::GENDB).
    o user_name
         Get the full name of the current user.
    o user_email
         Get the email address of the current user.
    o error
         Default error method that can be used to get/set an
         error message if an error occured.
    o _init_application($project)
         This method has to be overloaded when a new subclass is
         created. The derived method can implement project
         specific initializations. It should always return an
         application master or a reference on a hash of
         application masters if a project uses more than one
         database. Since the Application_Frame is only
         applicable for projects using the second generation of
         the O2DBI tool other applications that use the old
         version by J. Clausen have to return 1 for successful
         connections or 0 if an error occured. The $project
         argument specifies a ProjectManagement::Project for
         which the Application_Frame should be initialized.
    o project_name
         Get the name of the project for which the
         Application_Frame was created.
    o project_description
         Get the description of the currently used project.
    o member([$member])
         Use this method to get/set the current member.
    o right($right_name)
         This method returns the value for a given project right
         for the current user.  Use this method to check the
         individual permissions (rights).
    o rights
         This method returns a reference on a hash of all
         project rights defined for the current user.
    o projectDB_by_datasource_!type_name($datasource_!type_name)
         Use this method to retrieve the database of a project
         for a specified datasource_type.
    o project_dbs
         This method returns a reference on an array of all
         databases in the current project.
    o project_datasources
         Use this method to retrieve a reference on an array of
         all available datasources for the current project.
    o user_project_config([$config])
         Use this method to get/set the complete project
         configurations for the current member of a project.
         $config is a hash of hash containing the configuration
         parameters and values for different configuration
         sections.
    o destroy
         Delete the Application_Frame object and clean up
         everything.

Graphical User Interfaces for maintaining the gpms

In addition to the scripts the GPMS can be maintained via a graphical user interface implemented in Perl Gtk (see figure reffig:gpms_gui).

beginfigure[H]

 begincenter
   includegraphics[width=0.8columnwidth]figures/GPMS_GUI
 endcenter
 caption[Graphical user interface for the gpms.]The Gtk frontend
   of the GPMS can be used to maintain users and projects and
   provides an immediate overview.
 labelfig:gpms_gui

endfigure

The tree-view on the left displays all members of a selected project sorted by the roles that were defined for the corresponding projectclass. Another subtree shows the rights that have been defined for each role. The tree also contains a list of all users that are registered in the gpms. New users and members can be added via a simple input form.

beginfigure[H]

 begincenter
   includegraphics[width=0.95columnwidth]figures/gpms_web
 endcenter
 caption[Web frontend for the gpms.]The web frontend
   of the GPMS can be used to maintain users and projects.
 labelfig:gpms_web

endfigure

Figure reffig:gpms_web shows four screenshots of different operations that can be performed with the web frontend. All members of a project can be listed, new users and members can be added, or existing members can be removed from a project. It is also possible to change the role of an existing member. For reasons of security, only those roles can be assigned that do not include administrative privileges and are therefore marked as extern.