Security
Security
A user can be in 6 groups with diverse rights in the database where certain higher groups have all rights of lower groups in addition to special rights for this group, e.g. the group DataReader can only read the data while DescriptionsEditor has the rights of DataReader and additionally can edit the data in descriptor tables - see overview below.
Summarzied overview of the permissions of the groups
| Role | Permissions in addition to lower role resp. user group | Inculded rights |
| Administrator | Edit own user permissions; use database maintenance functions | ProjectManager, CacheAdmin |
| ProjectManager | Create, edit and delete project data; import data with project information | TerminologyEditor |
| TerminologyEditor | Create, edit and delete descriptor data; import data without changing project information | DescriptionsEditor |
| DescriptionsEditor | Create, edit and delete description data | DataReader |
| DataReader | View description, descriptor, project and cache mapping data; export data | DataUser |
| DataUser | View descriptions without “withheld” descriptors and without resource data |
Two additional roles have been introduced for the handling of the cachedatabase
| Role | Permissions in addition to lower role resp. user group | Inculded rights |
| CacheAdmin | Edit cache related table data | CacheUser |
| CacheUser | View cache database and project data | DataReader |
In addition to the mentioned roles a “System Aministrator” may use the Login administration to add other users to one of these groups and grant access to one ore more projects. If you are an “Administrator” you have the right to modify the projects assigned to your own login.
To place a user in one of the groups, go to the loginadministration. In the window that will open select a login and a database. The roles available in the selected database will be listed as shown below. Use the > and < buttons to add or remove roles for the login in the database (see below).
To see the detailed permissions of a role, select it in the list of
Available roles and click on the
button. A window as shown below will open
listing all objects in the database the role has permissions for (see
below).
