Annotation database user management
Background
There are multiple levels of user management: the server machine has users managed by the operating system (Linux); the database has users managed by PostgreSQL; and the Web site has users managed by Django. This article concerns the last.
Django has a built-in user management system that revolves around the User model. The msea
Django application, which supports the database, uses an extension of the User object called MSEAUser, which provides the ability to store additional information, currently the user's Biigle API credentials.
Creating Users
Currently, there are two parts to the process of creating a user with access to the Website administration functions. You must be a user with administration privileges to perform the following actions. If you do not have a user, contact an administrator.
Part One
- Visit the User administration page.
- Click
Add User
and enter a username and password for the new user. - Click
Save
. - Enter the user's email address, first and last name. The user is marked as
Active
by default. If the user is to be designated staff or a superuser, check the appropriate boxes (more information about these designations is given below). - In the
Available Groups
list, select themsea_admin
group and add it to theChosen Groups
list. - Click
Save
.
Part Two
- Go to the Django administration site and visit the MSEAUser administration page.
- Select the
User
that you created in Part One. - Enter the user's Biigle credentials if available. This form may add additional information in the future.
- Click
Save
.
User Permissions
The default Django can be assigned staff status and/or superuser status.
- Staff status allows the user to access the administration site but does not assign any specific permissions. To add specific permissions, select items from the
Available user permissions
list at step #4 of Part One. - Superuser status assigns all possible permissions to a user without the need of specifying them.
The MSEAUser has additional permissions related to the Website. These are assigned at step #5 of Part One, when the user is added to the msea_admin
group. Members of this group have automatic access to the ReST endpoints that provide administration services for the database and Website.