Duty3G/User Guide/Duty3G Access

This page was last modified 05:40, 6 August 2007.

From Documentation

< Duty3G | User Guide(Difference between revisions)

Jump to: navigation, search

Current revision

1 Getting Started
2 Duty3G Access
3 Duty Management
4 Adding and Maintaining Duties
5 Viewing and Performing Duties
6 Appendix A - Installing duty3G
7 Appendix B - Duty3G Menus by Role
8 Glossary

[edit]

Getting Started

[edit]

Duty3G Access

Detailed information on accessing COSmanager applications can be found in the section COSmanager Users and Access Controls of the COSmanager User Guide. The information in this chapter is a summary of the relevant details from that manual.

To access COSmanager, a user must first have a UNIX account on the same host as COSmanager, or on a networked host. To actually run any COSmanager applications, users must have access rights to the required COSmanager menus and options.

[edit]

Roles

COSmanager access is controlled by assigning to selected users one or more roles. Roles equate to responsibilities shared by some staff. Each role translates to a set of capabilities that determine users’ access to menus and functions in individual COSmanager applications.

Figure 2 — Capabilities and roles

By grouping users with similar access requirements and responsibilities, you can avoid having to allocate capabilities to individual users and security is enhanced by granting access rights according to job function, rather than to transient individuals.

Duty3G is supplied with a set of default roles such as those shown in the diagram below. These roles can be modified to more accurately reflect the needs of an installation.

[edit]

Capabilities

COSmanager applications such as duty3G ‘interpret’ each one of a user’s roles, to determine what capabilities are granted to the user in that application.

	Note
	By convention, role names use initial capitals (“Admin”) and capabilities do not (“dutysuper“).

The capabilities associated with roles in duty3G can be viewed and modified by users with top-level privileges only. Examples of capabilities used within duty3G are shown in the table below and the full set can be viewed under duty3G configuration > Maintain > Access roles.

Capability	Description
dutysuper	Maintain all duties, including those requiring superuser access
dutyadmin	Maintain all duties, except those requiring superuser access
runall	Perform all duties
runouts	Perform outstanding duties
runsched	Perform scheduled duties

From this example, users without dutysuper or dutyadmin capability should not be able to maintain any duty or access duty3G configuration.

[edit]

Steps to Obtaining Access to duty3G

Add user to COSmanager as either a user or a group.
Assign appropriate COSmanager roles to the user, creating new role if required.
Ensure capabilities assigned to role within duty3G are adequate by examining the ‘duty3G Access Capabilities/Roles’ table under duty3G configuration > Maintain > Access roles. Amend or add roles as required.

[edit]

Functions by Role

There are a number of standard roles supplied with COSmanager and inherited by duty3G. Following are what functions each standard role can perform. See Appendix B - Duty3G Menus by Role.

**Duty Console**
	Admin	Auditor	Manager	Operator	SeniorOp	User
File	Remote	Remote	Remote	Remote	Remote	Remote
	Duty audit trail	Duty audit trail	Duty audit trail		Duty audit trail
	Duty compliance	Duty compliance	Duty compliance		Duty compliance
Duty	Perform selected	Perform selected	Perform selected	Perform selected	Perform selected	Perform selected
	Perform outstanding		Perform outstanding	Perform outstanding	Perform outstanding
	Mark done		Mark done
	Add comment	Add comment	Add comment	Add comment	Add comment	Add comment
	Duty notes	Duty notes	Duty notes	Duty notes	Duty notes	Duty notes
View	Outstanding		Outstanding	Outstanding	Outstanding
	At request	At request	At request	At request	At request	At request
	Scheduled		Scheduled		Scheduled
	Automatic		Automatic
	Upcoming duties		Upcoming duties	Upcoming duties	Upcoming duties
	For all	For all	For all	For all	For all	For all
	For duty list	For duty list	For duty list	For duty list	For duty list	For duty list
	For host	For host	For host	For host	For host	For host
	For role	For role	For role	For role	For role	For role
	Options	Options	Options	Options	Options	Options

**Duty Configuration**
	Admin	Manager
Duty	Add	Add
	Change	Change
	Clone	Clone
	Remove	Remove
	Reorder	Reorder
	Move to duty list	Move to duty list
	Duty notes	Duty notes
	Test	Test
		Unlock
View	At request	At request
	Scheduled	Scheduled
	Automatic	Automatic
	Upcoming duties	Upcoming duties
	For all	For all
	For duty list	For duty list
	For host	For host
	For role	For role
Tools	Config report	Config report
	Classes	Classes
	Schedules	Schedules
		Access roles
	Sync crontab	Sync crontab

	Note
	The Admin role cannot add, change or remove duties that have Run as user set to root or cosmos

[edit]

Search

Duty3G/User Guide/Duty3G Access

From Documentation

Current revision

Contents

Getting Started

Duty3G Access

Roles

Capabilities

Steps to Obtaining Access to duty3G

Functions by Role

Duty Management

Adding and Maintaining Duties

Viewing and Performing Duties

Appendix A - Installing duty3G

Appendix B - Duty3G Menus by Role

Glossary

+==[[Duty3G/User Guide | Getting Started]]==
 == Duty3G Access ==
 To access COSmanager, a user must first have a UNIX account on the same host as COSmanager, or on a networked host. To actually run any COSmanager applications, users must have access rights to the required COSmanager menus and options.
-=== Roles ===
+==== Roles ====
 COSmanager access is controlled by assigning to selected users one or more roles. Roles equate to responsibilities shared by some staff. Each role translates to a set of capabilities that determine users’ access to menus and functions in individual COSmanager
 applications.
+[[Image:Duty roles.png|frame|Figure 2 — Capabilities and roles]]
 By grouping users with similar access requirements and responsibilities, you can avoid having to allocate capabilities to individual users and security is enhanced by granting access rights according to job function, rather than to transient individuals.
 Duty3G is supplied with a set of default roles such as those shown in the diagram below. These roles can be modified to more accurately reflect the needs of an installation.
- Figure 4 — Capabilities and roles
 <br>
-== Capabilities ==
+==== Capabilities ====
 COSmanager applications such as duty3G ‘interpret’ each one of a user’s roles, to determine what capabilities are granted to the user in that application.
- Note By convention, role names use initial capitals (“Admin”) and capabilities do not (“dutysuper“).
+{{Note|By convention, role names use initial capitals (“Admin”) and capabilities do not (“dutysuper“).}}
 The capabilities associated with roles in duty3G can be viewed and modified by users with top-level privileges only. Examples of capabilities used within duty3G are shown in the table below and the full set can be viewed under duty3G configuration > Maintain > Access roles.
+{| border="0" cellpadding="0" cellspacing="5"
+! width="90" align="left" | <u>Capability</u>
+! align="left" | <u>Description</u>
+|-
+! align="left" | dutysuper
+| Maintain all duties, including those requiring superuser access
+|-
+! align="left" | dutyadmin
+| Maintain all duties, except those requiring superuser access
+|-
+! align="left" | runall
+| Perform all duties
+|-
+! align="left" | runouts
+| Perform outstanding duties
+|-
+! align="left" | runsched
+| Perform scheduled duties
+|-
+|}
 From this example, users without dutysuper or dutyadmin capability should not be able to maintain any duty or access duty3G configuration.
-Steps to Obtaining Access to duty3G
+<br>
+==== Steps to Obtaining Access to duty3G ====
 #Add user to COSmanager as either a user or a group.
 #Assign appropriate COSmanager roles to the user, creating new role if required.
 #Ensure capabilities assigned to role within duty3G are adequate by examining the ‘duty3G Access Capabilities/Roles’ table under duty3G configuration > Maintain > Access roles. Amend or add roles as required.
-=== Capability Description ===
+<br>
-;dutysuper: Maintain all duties, including those requiring superuser access
+==== Functions by Role ====
-;dutyadmin: Maintain all duties, except those requiring superuser access
-;runall: Perform all duties
+There are a number of standard roles supplied with COSmanager and inherited by duty3G. Following are what functions each standard role can perform. See [[Duty3G/User Guide/Appendix B — duty3G Menus by Role | Appendix B - Duty3G Menus by Role]].
-;runouts: Perform outstanding duties
-;runsched: Perform scheduled duties
+{| border="1" cellpadding="3" cellspacing="0"
+|+'''Duty Console'''
+! width="40" |
+! width="115" | Admin
+! width="115" | Auditor
+! width="115" | Manager
+! width="115" | Operator
+! width="115" | SeniorOp
+! width="115" | User
+|-
+! align="left" valign="top" rowspan="3" | File
+| Remote
+| Remote
+| Remote
+| Remote
+| Remote
+| Remote
+|-
+| Duty audit trail
+| Duty audit trail
+| Duty audit trail
+|
+| Duty audit trail
+|
+|-
+| Duty compliance
+| Duty compliance
+| Duty compliance
+|
+| Duty compliance
+|
+|-
+! align="left" valign="top" rowspan="5" | Duty
+| Perform selected
+| Perform selected
+| Perform selected
+| Perform selected
+| Perform selected
+| Perform selected
+|-
+| Perform outstanding
+|
+| Perform outstanding
+| Perform outstanding
+| Perform outstanding
+|
+|-
+| Mark done
+|
+| Mark done
+|
+|
+|
+|-
+| Add comment
+| Add comment
+| Add comment
+| Add comment
+| Add comment
+| Add comment
+|-
+| Duty notes
+| Duty notes
+| Duty notes
+| Duty notes
+| Duty notes
+| Duty notes
+|-
+! align="left" valign="top" rowspan="10" | View
+| Outstanding
+|
+| Outstanding
+| Outstanding
+| Outstanding
+|
+|-
+| At request
+| At request
+| At request
+| At request
+| At request
+| At request
+|-
+| Scheduled
+|
+| Scheduled
+|
+| Scheduled
+|
+|-
+| Automatic
+|
+| Automatic
+|
+|
+|
+|-
+| Upcoming duties
+|
+| Upcoming duties
+| Upcoming duties
+| Upcoming duties
+|
+|-
+| For all
+| For all
+| For all
+| For all
+| For all
+| For all
+|-
+| For duty list
+| For duty list
+| For duty list
+| For duty list
+| For duty list
+| For duty list
+|-
+| For host
+| For host
+| For host
+| For host
+| For host
+| For host
+|-
+| For role
+| For role
+| For role
+| For role
+| For role
+| For role
+|-
+| Options
+| Options
+| Options
+| Options
+| Options
+| Options
+|}
+{| border="1" cellpadding="3" cellspacing="0"
+|+'''Duty Configuration'''
+! width="40" |
+! width="115" | Admin
+! width="115" | Auditor
+! width="115" | Manager
+! width="115" | Operator
+! width="115" | SeniorOp
+! width="115" | User
+|-
+! align="left" valign="top" rowspan="9" | Duty
+| Add
+|
+| Add
+|
+|
+|
+|-
+| Change
+|
+| Change
+|
+|
+|
+|-
+| Clone
+|
+| Clone
+|
+|
+|
+|-
+| Remove
+|
+| Remove
+|
+|
+|
+|-
+| Reorder
+|
+| Reorder
+|
+|
+|
+|-
+| Move to duty list
+|
+| Move to duty list
+|
+|
+|
+|-
+| Duty notes
+|
+| Duty notes
+|
+|
+|
+|-
+| Test
+|
+| Test
+|
+|
+|
+|-
+|
+|
+| Unlock
+|
+|
+|
+|-
+! align="left" valign="top" rowspan="8" | View
+| At request
+|
+| At request
+|
+|
+|
+|-
+| Scheduled
+|
+| Scheduled
+|
+|
+|
+|-
+| Automatic
+|
+| Automatic
+|
+|
+|
+|-
+| Upcoming duties
+|
+| Upcoming duties
+|
+|
+|
+|-
+| For all
+|
+| For all
+|
+|
+|
+|-
+| For duty list
+|
+| For duty list
+|
+|
+|
+|-
+| For host
+|
+| For host
+|
+|
+|
+|-
+| For role
+|
+| For role
+|
+|
+|
+|-
+! align="left" valign="top" rowspan="5" | Tools
+| Config report
+|
+| Config report
+|
+|
+|
+|-
+| Classes
+|
+| Classes
+|
+|
+|
+|-
+| Schedules
+|
+| Schedules
+|
+|
+|
+|-
+|
+|
+| Access roles
+|
+|
+|
+|-
+| Sync crontab
+|
+| Sync crontab
+|
+|
+|
+|}
+{{Note| The '''Admin''' role cannot add, change or remove duties that have ''Run as user'' set to '''root''' or '''cosmos'''}}
+<br>
+==[[Duty3G/User Guide/Duty Management | Duty Management]]==
+==[[Duty3G/User Guide/Adding and Maintaining Duties | Adding and Maintaining Duties]]==
+==[[Duty3G/User Guide/Viewing and Performing Duties | Viewing and Performing Duties]]==
+==[[Duty3G/User Guide/Appendix A — Installing duty3G | Appendix A - Installing duty3G]]==
+==[[Duty3G/User Guide/Appendix B — duty3G Menus by Role | Appendix B - Duty3G Menus by Role]]==
+==[[Duty3G/User Guide/Glossary|Glossary]]==
+----