Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
fujitsu:hpcgateway:guides:internals:roles_rights [2016/05/11 20:54]
fujitsu [Rights on application]
fujitsu:hpcgateway:guides:internals:roles_rights [2016/05/16 14:46] (current)
fujitsu [Roles and Rights in HPC Gateway]
Line 2: Line 2:
  
 HPC Gateway manage following type of objects: HPC Gateway manage following type of objects:
-  * Users 
-  * Teams 
-  * Projects 
  
-  * Applications +  * users 
-  * Addons +  * teams 
-  * Tasks +  * projects
-  * Profiles+
  
 +  * applications
 +  * addons
 +  * tasks
 +  * profiles
 +  * scripts
 +  * mountpoints
 +  * servers
 +  * clusters
  
-Users belong to **teams** and **projects**.+ ​\\ ​Users belong to **teams** ​ and **projects**.
  
-Applications ​and addons ​belong ​to **teams**. Therefore, a team gives access to applications and addons to users.+**Applications**, **addons**, **scripts**,​ **mount points**, **servers **can be assigned ​to **teams**. Therefore, ​users defined in a team can access ​those objects belonging ​to the team.
  
-Tasks and profiles belong ​to **projects**. Therefore, a project ​gives access to tasks and profiles to users. +**Mount points, servers **and **tasks **are assigned ​to **projects**. Therefore, ​users defined in a project ​can access ​those objects belonging ​to the project.
- +
-A user has the right to interact with an object **only** if this object belong to one of user's team or one of user'​s ​project .+
  
 +A user has the right to interact with an object **only** ​ if this object belong to one of user's team or one of user's project .
  
 +Note that, as of today, profiles can not be assigned to a project. Also, clusters are not subject to permissions. These limitations should be removed soon.
  
 ===== Roles ===== ===== Roles =====
  
-A specific role **super admin** is available to give almost no limitation to a user. This role should be used with caution. By default, only **hpcgadmin** user has super admin role.+A specific role **super admin** ​ is available to give almost no limitation to a user. This role should be used with caution. By default, only **hpcgadmin** ​ user has super admin role.
  
 Standard user belongs to teams and projects. A user can have several roles depending on the team and project: Standard user belongs to teams and projects. A user can have several roles depending on the team and project:
 +
   * Team manager   * Team manager
   * Team editor   * Team editor
Line 35: Line 40:
  
 The rights attached to these roles are described below. The rights attached to these roles are described below.
- 
  
 ===== Rights on application ===== ===== Rights on application =====
  
-An application is in state **draft** or **released**. Released application can not be modified anymore. They can still be configured. +An application is in state **draft** ​ or **released**. Released application can not be modified anymore. They can still be configured.
- +
-^ Role ^ Create ^ Use ^ Edit ^ Configure ^ Change status ^ +
-| Super admin   | yes | yes            | yes (draft) | yes | yes | +
-| Team manager ​ | yes | yes (released) | no          | yes | yes | +
-| Team editor ​  | yes | yes (released) | no          | no  | no  | +
-| Team member ​  | no  | yes (released) | no          | no  | no  | +
-| Owner         | -   | yes            | yes (draft) | yes | yes | +
-| Anyone ​       | no  | no             | no          | no  | no  |+
  
 +^Role ^Create ^Use ^Edit ^Configure ^Change status |
 +|Super admin |yes |yes |yes (draft) |yes |yes |
 +|Team manager |yes |yes (released) |no |yes |yes |
 +|Team editor |yes |yes (released) |no |no |no |
 +|Team member |no |yes (released) |no |no |no |
 +|Owner |- |yes |yes (draft) |yes |yes |
 +|Anyone |no |no |no |no |no |
  
 ===== Rights on add-on ===== ===== Rights on add-on =====
  
-^ Role ^ Install ^ Use ^ Configure ^ Uninstall ​^ +^Role ^Install ^Use ^Configure ^Uninstall ​| 
-| Super admin   ​| yes | yes | yes | yes | +|Super admin |yes |yes |yes |yes | 
-| Team manager ​ | no  | yes | no  | no  +|Team manager |no |yes |no |no | 
-| Team editor ​  ​| no  | yes | no  | no  +|Team editor |no |yes |no |no | 
-| Team member ​  ​| no  | yes | no  | no  +|Team member |no |yes |no |no | 
-| Anyone ​       | no  | no  | no  | no  | +|Anyone |no |no |no |no |
  
 ===== Rights on task ===== ===== Rights on task =====
  
-^ Role ^ Create ^ Use ^ Edit ^ Send commands ​^ +^Role ^Create ^Use ^Edit ^Send commands ​| 
-| Super admin      | yes | yes | yes | yes |  +|Super admin |yes |yes |yes |yes | 
-| Project manager ​ | yes | yes | yes | yes |  +|Project manager |yes |yes |yes |yes | 
-| Project editor ​  ​| yes | yes | no  | no  |  +|Project editor |yes |yes |no |no | 
-| Project member ​  ​| yes | yes | no  | no  |  +|Project member |yes |yes |no |no | 
-| Owner            | yes | yes | yes | yes |  +|Owner |yes |yes |yes |yes | 
-| Anyone ​          ​| no  | no  | no  | no   +|Anyone |no |no |no |no |
  
 ===== Rights on profile ===== ===== Rights on profile =====
  
-^ Role ^ Create ^ Use ^ Edit ^ Change status ^ Delete ​^ +^Role ^Create ^Use ^Edit ^Change status ^Delete ​| 
-| Super admin      | yes | released | no    | yes | yes | +|Super admin |yes |yes (released|no |yes |yes | 
-| Project manager ​ | yes | released | no    | yes | yes | +|Project manager |yes |yes (released|no |yes |yes | 
-| Project editor ​  ​| yes | released | no    | no  | no  +|Project editor |yes |yes (released|no |no |no | 
-| Project member ​  ​| yes | released | no    | no  | no  +|Project member |yes |yes (released|no |no |no | 
-| Owner            | -   ​| yes      | draft | yes | yes | +|Owner |- |yes |yes (draft|yes |yes | 
-| Anyone ​          ​| no  | no       ​| no    | no  | no  | +|Anyone |no |no |no |no |no |
- +
  
 +\\