FS
Documentation

Task3G/User Guide/task3G Access

From Documentation

(Difference between revisions)
Jump to: navigation, search
Revision as of 09:44, 4 March 2008
Moff (Talk | contribs)
(Capabilities)
← Previous diff
Revision as of 09:45, 4 March 2008
Moff (Talk | contribs)
(Steps to Obtaining Access to task3G)
Next diff →
Line 64: Line 64:
=== Steps to Obtaining Access to task3G === === Steps to Obtaining Access to task3G ===
-#Add user to COSMmanager as either a user or a group.+#Add user to COSmanager as either a user or a group.
-#Assign appropriate COSMmanager roles to the user, creating new role if required.+#Assign appropriate COSmanager roles to the user, creating new role if required.
-#Ensure capabilities assigned to role within task3G are adequate by examining the ‘task3G Access Capabilities and Roles’ table under task3G configuration > Tables > Roles. Amend or add roles as required.+#Ensure capabilities assigned to role within task3G are adequate by examining the ‘task3G Access Capabilities and Roles’ table under {{cnav|task3G configuration > Tables > Roles}}. Amend or add roles as required.

Revision as of 09:45, 4 March 2008

Detailed information on accessing COSmanager applications can be found in the section COSmanager Users and Access Controls of the COSmanager User Guide. The information in this chapter is a summary of the relevant details from that manual.

To access COSmanager, a user must first have a UNIX account on the same host as COSmanager, or on a networked host. To actually run any COSmanager applications, users must have access rights to the required COSmanager menus and options.


Roles

COSmanager access is controlled by assigning to selected users one or more roles. Roles equate to responsibilities shared by some staff. Each role translates to a set of capabilities that determine users’ access to menus and functions in individual COSmanager applications.

By grouping users with similar access requirements and responsibilities, you can avoid having to allocate capabilities to individual users and security is enhanced by granting access rights according to job function, rather than to transient individuals.

Task3G is supplied with a set of default roles such as those shown in the diagram below. These roles can be modified to more accurately reflect the needs of an installation.

Figure 4 — Capabilities and roles


Capabilities

COSmanager applications such as task3G ‘interpret’ each one of a user’s roles, to determine what capabilities are granted to the user in that application.

Note
Note
By convention, role names use initial capitals (“Admin”) and capabilities do not (“submit“).

The capabilities associated with roles in task3G can be viewed and modified by users with top-level privileges only. Examples of capabilities used within task3G are shown in the table below and the full set can be viewed under task3G configuration > Tables > Roles .


Capability Description
clr_status Ability to manually clear job status
control Control task3G jobs and tasks
disable Ability to disable/enable jobs
display Display contents of task3G tables
kill Ability to cancel and kill jobs and tasks
killall Ability to kill any task
maintain Maintain task3G tables
runall Access to all jobs enabled
submit Ability to submit task3G jobs


From this example, users without maintain capability should not be able to maintain any duty or access task3G configuration.


Steps to Obtaining Access to task3G

  1. Add user to COSmanager as either a user or a group.
  2. Assign appropriate COSmanager roles to the user, creating new role if required.
  3. Ensure capabilities assigned to role within task3G are adequate by examining the ‘task3G Access Capabilities and Roles’ table under task3G configuration > Tables > Roles . Amend or add roles as required.