In this article the process of User Registration for a new user is described from two perspectives: the perspective of the new user, and the perspective of an administrator.
The general progression is that
- A new user registers, but is not yet able to log in.
- The administrator
- configures (global) roles and (Data Model-specific) permissions for the user,
- enables the user,
- and then the new user is able to log in.
New User
You can visit the home page of a Metadata Exchange instance, for example: https://test.metadata.works
And click on sign up to register.
Then enter your chosen username, email and password (please enter a password >8 characters with a set of special characters).
You'll then receive a message asking you to validate your email address.
Once you've validated your email address you will have access to the system however, you will probably start with a blank catalogue until your administrator gives you access to specific models.
Administrator
When a new user registers, at first he/she will be "disabled", have the global roles "ROLE_USER", and not have Data Model-specific permissions.
User Details and (Global) User Roles
As an administrator, you can look at a (new) user's details and global roles by clicking the "Users" action in the "System" dropdown menu (with the cog icon) in the top-right navigation bar.
This takes you to the Spring Security Management Console, where you can search for a user by username, email, and other factors. The search result appears below, and clicking on the username will take you to a page where you can view and edit User Details and (Global) Roles.
User Details
Below is an image of the page showing User Details. This shows/allows you to edit
- The user's username
- The user's password (can only be edited, not viewed)
- The user's email address
- Whether the user is "Enabled"– by default a new user will be disabled. This means he/she will not be able to login until you enable them.
- Whether the account is expired
- Whether the account is locked– you can use this option to lock a user temporarily
- Whether the user's password is expired.
(Global) Roles
Below is an image of the page showing (Global) Roles of the user. By default a new user only has role "ROLE_USER". An explanation of the roles follows.
- ROLE_USER: every user has this role.
- ROLE_METADATA_CURATOR: a user with this role has the ability to create a new DataModel.
- ROLE_ADMIN & ROLE_SUPERVISOR: we currently do not distinguish between an administrator and a supervisor as separate entities. Rather they should be considered as one unit. An administrator/supervisor should have both of these roles. This gives them the ability to edit user details, see and edit all DataModels, and generally perform all actions in the system.
- ROLE_REGISTERED & ROLE_STACKTRACE: we do not use these roles currently.
Data Model-Specific Permissions
A user may have Data Model-specific permissions. That is, a user may be able to view Data Model A but not edit it, while he/she may be able to view AND edit Data Model B.
To set Data Model-Specific Permissions, click on the "Data Model ACL By User" action in the System menu.
This leads you to an index of users. Use Ctrl-F to find the one you want.
Selecting e.g. the user called "1 Alice", you will come to a page like so. In this case, there are no entries as the user "1 Alice" has just been created.
There are two selection boxes: One to select a DataModel, the second to select what permission for that DataModel to grant to the user.
Selecting a DataModel:
Selecting a permission:
Click "Grant":
The entry appears. You can then delete the entry by clicking the "Delete" button.
0 Comments