GPMSWiki/AdministratorDocumentation/DefiningRolesAndRights
Jump to navigation
Jump to search
Role and Right definitions
The following paragraphs describe the roles and rights as defined for the genome annotation system !GenDB-2.0 which extensively uses different roles for a sophisticated access control.
# !ROLES defined for !GenDB-2.0 #
!PROJECT_!CLASS !GENDB
# user with read only permissions and almost completely restricted access
# Roles with the tag ext can be assigned to members via the external
# GPMS web frontend. !Roles without this tag are not listed in the ext.
# web frontend.
!ROLE Guest ext
!RIGHT basic_access
# user who is allowed to write annotations and recompute the observations
# for a single region
!ROLE Annotator ext
!RIGHT basic_access
!RIGHT annotate
!RIGHT export_region_data
!RIGHT recompute
# (external) user who is allowed do most of the necessary tasks to maintain a project
# (e.g. import/export/edit/delete sequence, add tools and submit all jobs)
# this role should be used if several persons have to edit the sequence e.g. to correct frameshifts
!ROLE Maintainer
!RIGHT basic_access
!RIGHT recompute
!RIGHT submit_jobs
!RIGHT contig_import_export
!RIGHT edit_sequence
!RIGHT add_tools
!RIGHT export_region_data
!RIGHT delete_contig
!RIGHT annotate
!RIGHT region_prediction
# user who is responsible for the database and for the solution of bugs and problems
# can do almost everything and also MODIFY THE DATABASE (e.g. alter table)
!ROLE Developer
!RIGHT contig_import_export
!RIGHT region_prediction
!RIGHT submit_jobs
!RIGHT recompute
# frame-shift correction and contig update
!RIGHT edit_sequence
!RIGHT add_tools
!RIGHT export_region_data
!RIGHT delete_contig
!RIGHT configure_project
!RIGHT basic_access
!RIGHT annotate
!RIGHT modify_db
# user who is responsible for the project (in the majority of cases this is one of the
# !GenDB developers in Bielefeld), can do everything (e.g. configure project) except
# modifying the database
# has to add Maintainers, Annotators and Guests but cannot add Developers
!ROLE Chief
!RIGHT annotate
!RIGHT add_user
!RIGHT contig_import_export
!RIGHT region_prediction
!RIGHT submit_jobs
!RIGHT recompute
# frame-shift correction and contig update
!RIGHT edit_sequence
!RIGHT add_tools
!RIGHT export_region_data
!RIGHT delete_contig
!RIGHT configure_project
!RIGHT basic_access
### !RIGHTS defined for !GenDB-2.0 ###
PROJECT_!CLASS !GENDB
!RIGHT basic_access
DS_!TYPE !GENDB
!DB select
DS_!TYPE GPMSDB
!DB select
TABLE sessions delete update insert
TABLE sessions_not_permanent delete update insert
TABLE sessions_permanent delete update insert
TABLE Member_!User_!Project_Configs update delete insert
TABLE Member_!User_!Project_Configs_hash_value update delete insert
TABLE ProjectManagement_counters update
!RIGHT annotate
DS_!TYPE !GENDB
!DB insert update
!RIGHT export_region_data
!RIGHT recompute
DS_!TYPE !GENDB
!DB delete update insert
!RIGHT submit_jobs
DS_!TYPE !GENDB
!DB insert update delete
!RIGHT contig_import_export
DS_!TYPE !GENDB
!DB insert update delete
# may only be granted to user if user has right annotate
!RIGHT edit_sequence
DS_!TYPE !GENDB
!DB update insert
!RIGHT add_tools
DS_!TYPE !GENDB
!DB insert update
!RIGHT delete_contig
DS_!TYPE !GENDB
!DB delete
!RIGHT region_prediction
DS_!TYPE !GENDB
!DB insert update delete
!RIGHT configure_project
DS_!TYPE !GENDB
!DB insert update delete
!RIGHT modify_db
DS_!TYPE !GENDB
!DB insert update delete alter index create drop references
!RIGHT add_user
DS_!TYPE !GENDB
!DB grant insert update delete
DS_!TYPE GPMSDB
Author: Lutz Krause