GenDBWiki/AdministratorDocumentation/ManagingUsers

From BRF-Software
Jump to navigation Jump to search

GenDB Documentation - Administration - Managing users

GenDB uses the GPMSWiki to manages user and projects. A short introduction into the concepts can be found in GPMSWiki/TermsAndConcepts

Table of Contents

  • User management with GPMS
  • Project management
  • Password management

User management

The user management of GenDB is based on a number of command line scripts that are part of the GPMS component. You can run these scripts from within the /bin subdirectory of your GenDB installation. If invoked without a parameters, all these scripts prints a usage message. Since the user and project management is database-based, all these scripts require a username and a password for logging into the database.

  • add_user - adding new users
creates a new user entry in the GPMS database.

Example: add_user -l juser -f 'Joe User' -e juser@my_institute.org
           add_user -l boss -f 'The Big Boss' -e boss@my_institute.org

Note: This script only adds an entry to the GPMS user list; it does not create a database account yet.
  • list_user_projects - lists the projects that a given user is member of
Example: list_user_projects -l juser
  • del_user - remove a user from the GPMS
Example: del_user -l juser

Note: All information about this user, memberships in to projects etc. will be delete from the database. The permissions to access databases will be removed, too.

Additional scripts exists; information about the GPMS script can be found in the GPMSWiki.

Project management

Similar to the user management, the project managemet is also handled by the GPMS. The GPMS allows a fine grained control about database names, project setup and further stuff. To facilitate the management of GenDB project, a special script is bundled with GenDB to setup new projects.

Permissions within GenDB are handled by certain roles that are granted to a user. GenDB currently support the following roles:

  • Guest
Provides a basic access to browse the data within a project. A guest is able to view regions, annotations and observations, but is not allowed to create new annotations, start tools or import/export data. This role is usually used for providing access to people from external insitutes/universities.
  • Annotator
The main role for people working on a project. An annotator is allowed to create new annotations, start tools and export certain data for further investigations.
  • Maintainer
An annotator with the permission to manage sequence data, e.g. importing and exporting contigs, deleting contigs and editing existing contigs. A maintainer is also allowed to create new tools and submit batch jobs.
  • Developer
A special role mainly used for GenDB developers. In addition to the permission of the maintainer, a developer is also able to change the structure of the database itself.
  • Chief
The project leader. A user who is given the chief role is able to do everything within GenDB. This role also contains the ability to add new user to a project.

In a typical setup, a project has one or two chiefs (the head of the group for example), one or two maintainers and an arbitrary number of annotators.

Creating a new GenDB project

add_gendb_project in the /bin directory allows the easy setup of a new GenDB project.

Example (project GenDB_Test, user boss as chief):

add_gendb_project -p GenDB_Test -d 'A test project for GenDB' -l boss

Please keep in mind that certain parameter (e.g. the description) have to be quoted if theuy contain whitespaces. The example will add the new project to the GPMS database, create a new database for the new project and populate the database. It also grants permissions to the given user, making it the chief of the project.

Since the script needs to create a new database and grant permission on the database tables, it prompts for a username and a password. You should use an existing account with sufficient permission, e.g. the root account of MySQL. In case of doubt ask your local system administrator.

Allowing users to use a project

After setting up a new project, only the chief is able to log into the project. To allow more users to use the project, use the add_member script, e.g.

add_member -p GenDB_Test -l juser -r Annotator

to grant annotator permission to the user juser. you have to be the project's chief to add new users.

Password management

Passwords within MySQL are only set together with permissions to access databases. As long as a new user is not a member of any project, the information about this user is only stored within the GPMS database. No database account is created for this user.

Upon granting the first project membership to a user, GPMS will create a new database account for the user, using a random password. The password is mailed to the user's email address, given when adding the user to the GPMS database. If a user account already exists to the username, GPMS will not set a new password.

Author: Burkhard Linke

Retrieved from "https://wiki.cebitec.uni-bielefeld.de/brf-software/index.php?title=GenDBWiki/AdministratorDocumentation/ManagingUsers&oldid=1473"