EMMAWiki/TermsAndConcepts/ForUsers/Access Control
Access Control
Access control in EMMA 2.0 is provided for each individual object. You may check and change other member's rights on experiments and data you have created.
To understand, how access control works in emma, we have to look at the following concepts:
- User
- Member
- Role
- Right
These concepts are common for all software packages using the GPMS.
User
A user is somebody with an account - login name and password and email address - in the GPMS. The user is registered, but does not need allowed to access a single project.
Member
The Member is a User, having access to a specific project. Membership can be granted by a Chief of that project. A user can be a member in many projects.
Rights
A definition of what somebody could be allowed to do in a project. E.g. delete a dataset or import data. There are many rights defined for EMMA. If you do not have the right to perform an action, the system will not allow you to do it.
Role
A collections of individual rights for a project. Many users may share a single role, and a role will comprise many rights. E.g. The User may import data, create experiments, but not edit the standard pipelines or the array layouts. The role of a member may vary between different projects.
- For each project, there is a "chief" who has all the privileges and can give access or not to other users for this project. He also decides what kind of tasks you can perform or not on this project, e.g. to change an existing pipeline or to create a new one.
Here are the different types of roles you can have in a project and their corresponding privileges.
- Chief -- The main responsible, may add, edit and delete almost everything, including array layouts and pipelines. May add and remove members of a project.
- Maintainer -- Same as Chief, but may not manage memberships.
- User -- May import data, run pipelines, create new experiments.
- Guest -- May do almost nothing, just look. Even viewing things can be restricted.
The majority of users will have the role User. This role is sufficient to do the work, while other roles allow to change the setup of the project
The role of a member may vary between different projects. You could be Chief in your own project, but guest in projects of other groups.