To get access to the data, you have to fulfill several requirements. In DiversityCollection, you must be a member of one of the user groups. You can only access data, which is listed in the projects you have access to. For external users data may be blocked by entries in the data withholding reasons or due to a data embargo.
To administrate the logins on the database server, their permissions and roles respectively as well as access to projects choose Administration - Database - Logins ... from the menu. A window will open as shown below.
To set the website where information about details concerning the
General Data Protection
Regulation
are shown, click on the 
button.
To see the current activity on the server click on the
button. A window as shown below will open
listing all user related processes on the server.
To administrate the linked servers, click on the
button.
To send a feedback click on the 
button.
To see the activity of a login click on the 
button. A window will open as shown below listing all databases and
tables together with the time span (From - To) and the number of data
sets where any activity of the current login has been found.
To create a new login click on the button. A
window will open as shown below. A login that should be able to create
new logins must to be a System administrator.
Here you can enter the name of the new login, the password and the
information about the user which will be stored in a DiversityAgents
database. You may either create a new entry in this database or select
an existing one: Click on the 
button
to search for a name in the database (see below).
To copy a login including all permissions etc. into a new login, select
the original login in the list and click on the
button.
To edit the access for a login on the server select the login in the
list. If a login should be disabled , uncheck
the enabled checkbox (see below).
All databases on the server will be listed with the current database showing a yellow background. The databases where the login has [no access] will be listed in [gray] while the databases accessible for a login are black.
To allow the access to a database select the database from the list and choose database as shown below.
The state 
and date of
the privacy consent according to the General Data Protection
Regulation
is shown in dependence of the selected database.
Use the > and < buttons to add or remove roles for the login in the database (see below).
To see the detailed permissions of a role, select it in the list of
[Available] roles and click on the
button. A window as shown below will open
listing all objects in the database the role has permissions for (see
below).
As a database owner you can edit the permissions and role memberships
with the 
and 
buttons. Please
keep in mind that any change of the permissions may cause serious
troubles and should only be used for testing and bug fixing. The final
setting of the permissions should be performed by a proper update script
of the database. For every action you will get the code that is to be
included in an update script (see below).
Depending on the database you can edit the list of projects accessible
for a login (see below). Projects are related to the module
DiversityProjects. To get additional information about a project select
it in the list and click on the
button.
Starting with database version 02.05.35 next to the projects with full
access, a second list provides projects with [Read
Only] access (see image
below). Use the 
and 
buttons to
move projects between Accessible and Read Only. If a
project is set on [Read Only]
a user can still add annotations. Starting with
version 4.3.219 a project as a whole can be locked with the restriction
of access to read only. For more details see chapter Project
administration.
To load additional projects click on the Load projects
button. A window will open as shown below.
Projects already in the database will be listed in
green, missing projects in red (see below). Check all projects you need in your database and
click the Start download button.
To see an overview of the users within a project select one of the
project in either list and click on the corresponding button
. A window as shown below will open listing all
users and their roles with access to the selected project.
To add or remove a role for a login, select the corresponding field and
choose or from the context
menu (see below).
Depending on the database you can edit the settings of a login as shown below.
If you wish to use settings already defined for another login, click on the Search template button. A window (see below) will open where you can choose among the settings defined for logins in the database.
If you want to see an overview of all permissions and project for a
login, click on the 
button. A window as shown
below will open. It lists all modules
and their 
databases, the 
roles, 
accessible projects and
read only projects for a login.
To copy the permissions and projects of the current login to another
login, select the login where the settings should be copied to from the
list at the base of the window and click on the 
button to copy the settings for all databases or the
button to copy the settings of the selected
database into this login.
If you see an overview of all user and roles in a database, click on the
button. A window a shown below will open.
It lists all user, roles and
projects in the database.
To remove a user, select it in the list and click on the
button.
If you select one of the databases, at the base a
button may appear. This indicates that
there are windows logins listed where the name of the login does not
match the logins of the server. This may happen if e.g. a database was
moved from one server to another. To correct this, click on the button.
A list of deviating logins will be shown, that can be corrected
automatically.
If logins with the same name but different server are found, one of them has to be deleted to make the correction possible. You will get a list where you can select those that should be removed.
Select the duplicate logins that should be removed and click OK.
To find users within the database that have no valid login, click on the
button. A window as shown below will open,
listing the users without a login. Select those that should be removed
and click OK. This will include a removal from the collection
managers.
A user may be in several groups with diverse rights in the database. Here certain higher groups have all rights of lower groups in addition to special rights for the higher group, e.g. the group User may only read data of certain tables while Typist has the rights of User and additionally may edit the data in certain tables - see overview below.
Summarized overview of some of the groups and their permissions as an example for the module DiversityCollection
| Role | Permissions in addition to lower role and user group respectively | Included rights |
|---|---|---|
| Administrator | Delete data, edit user permissions | DataManager |
| CollectionManager | Administration of collections, handling loans etc. | StorageManager |
| DataManager | Delete data, edit image descripton templates | Editor |
| Editor | Create new entries and delete details (not entire data sets) | Typist |
| Requester | Has the right to place requests for specimen | |
| StorageManager | Administration of stored parts, handling loans etc. | User |
| Typist | Edit data | User |
| User | See the data of the data tables, add annotations |
To place a user in one of the groups, select Administration - Database - Logins... from the menu. In the window that will open select a login and a database. The roles available in the selected database will be listed as shown below. Use the > and < buttons to add or remove roles for the login in the database (see below).
To see the detailed permissions of a role, select it in the list of
[Available] roles and click on the
button. A window as shown below will open
listing all objects in the database the role has permissions for (see
below).
If you are an Administrator you may add a user to one of these groups.
Any user may have access to several projects.
The accessibility of projects for users can have 4 different states:
No access: The current user has no access to
the project
Accessible: The current user has access
to the project [Read only]: The
current user has read only access to the project [Locked]: The
project is locked. Any user can either none or read only access to
the projectTo allow the current user access projects use the [ >
] button
for the selected project resp. the [ >>
] button
for all projects. To revoke access for the current user use the [ <
] button for the selected project resp. the [ <<
] button for all projects. To change the access for a
project to read only use the 
button and the
button to remove a project from the read only
list.
To lock a selected project use the button.
For all users the project will be removed from the accessible or read
only list and transferred to the locked list.
This is only allowed for a database owner (dbo). Please make sure that
you really want to lock a project. Any dataset related to this project
will be set to read only for all users. For an introduction, please see
the a short tutorial
.
To remove the locked state of a project, select the project in the No access list and click on the button. The selected project will be moved from the locked list into the read only list for those users that had access to the project.
Details of the projects within the DiversityWorkbench are stored in the
database DiversityProjects. To access further information on a project
click on the button. To edit details in projects you require the
application DiversityProjects.exe in your application directory and
access to the database DiversityProjects. To synchronize the projects
listed in DiversityProjects you may use the synchronize function in the
user administration window as shown below. If
DiversityProjects is not available, you may create a new project by
clicking the button. If DiversityProjects is
available, use the synchronize function
.