Permissions: Difference between revisions

From PHENOM Portal Knowledgebase
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
Permissions are a user's access level to either a project or a model. There are four different types of permissions, and a user can have any of the permissions types independent of one another.
Permissions are a user's access level to either a project or a model. There are four different types of permissions, and a user can have any of the permissions types independent of one another.
Permissions on a project and the models it contains are distinct (i.e., the user can have different permissions (higher or lower) at the project level compared to the models).


= Permissions Types =
= Permissions Types =
Line 10: Line 11:


'''UPDATE IMAGE WITH OWNER COLUMN FILLED'''
'''UPDATE IMAGE WITH OWNER COLUMN FILLED'''
[[File:Perms5.png|alt=Uncheckable Read Permissions Boxes|frameless|742x742px]]
[[File:Perms5.png|alt=Uncheckable Read Permissions Boxes|frameless|742x742px]]


Line 15: Line 17:
'''If a user has Write permissions, they are allowed to edit project and model content.'''
'''If a user has Write permissions, they are allowed to edit project and model content.'''


Having Write permissions to a project or a model allows the user to modify any of its content, including pulling, pushing, and approving push requests.
Having Write permissions to a project or a model allows the user to modify any of its content, including pulling, pushing, and approving push requests. Note that to pull changes from a parent model, the user needs at least Read permissions to the parent model.
 
The user is able to create, edit, and delete elements, as well as perform the majority of the actions related to inheriting models '''WHAT ACTIONS CAN'T BE PERFORMED?'''. If the model inherits from another model, the user with Write access is able to request to push content to the parent model. Assuming that the user also has Read '''WRITE?''' permissions to the parent model, the user is also allowed to pull any new changes from the parent model. Likewise, if a model has other models that inherit from it, a user with Write permissions to the model is allowed to approve content changes and delete push requests. '''I THOUGHT WE COULDN'T DELETE PUSH REQUESTS'''


== Admin Permissions ==
== Admin Permissions ==
Line 25: Line 25:


== Owner Permissions ==
== Owner Permissions ==
'''If a user has Owner permissions, they have all of the above permissions types, as well as some additional actions.'''
'''If a user has Owner permissions, they have the same permissions as Admins, as well as some additional actions.'''


Having Owner permissions to a project or a model provide the user with Admin permissions plus the ability to delete the project or model, and to share it with users external to their account. Owner users can grant permissions up to Owner for internal users and Admin for external users.
Having Owner permissions to a project or a model provide the user with Admin permissions plus the ability to delete the project or model, and to share it with users external to their account. Owner users can grant permissions up to Owner for internal users and Admin for external users.
If a user owns a project and wishes to give other users permissions to it that are higher than those users currently have, the user must also have Admin permissions to all the contained models '''WHAT?'''.


= Assign Permissions =  
= Assign Permissions =  
== Assign Permissions to a Model ==
Users are able to assign permissions to their models by using the Permission Manager on the Model Details pages. The table lists all the users from the same account as the current user.
'''NEED NEW SCREENSHOT'''
[[File:Perms1.png|alt=Project Details Page Permissions Manager|frameless|1023x1023px]]
To be able to share a model, the users need to have Admin or Owner permissions to it.
{| class="wikitable"
! Current User Permissions !! Target User Permissions Options
|-
| Read + Admin || Read, Admin
|-
| Read + Admin + Owner|| Read, Admin, Owner
|-
| Read + Write + Admin || Read, Write, Admin
|-
| Read + Write + Admin + Owner|| Read, Write, Admin, Owner
|}
== Assign Permissions to a Project or Model ==
== Assign Permissions to a Project or Model ==
Users are able to assign permissions to their projects and models by using the Permission Manager on the Project Details and Model Details pages. The table lists all the users from the same account as the current user.
Users are able to assign permissions to their projects and models by using the Permission Manager on the Project Details and Model Details pages. The table lists all the users from the same account as the current user.


[[File:Perms1.png|alt=Project Details Page Permissions Manager|frameless|1023x1023px]]
[[File:Perms1.png|alt=Project Details Page Permissions Manager|frameless|1023x1023px]]


== Assign Permissions to External Users ==
== Assign Permissions to External Users ==

Revision as of 16:33, 29 April 2024

Permissions are a user's access level to either a project or a model. There are four different types of permissions, and a user can have any of the permissions types independent of one another. Permissions on a project and the models it contains are distinct (i.e., the user can have different permissions (higher or lower) at the project level compared to the models).

Permissions Types

Read Permissions

If a user has Read permissions, they have read-only access to the project or model.

Having Read permissions to a project and its models allows the user to switch to that project, see all the content, export the content, but not create, edit, or update it. In addition, if the model inherits from another model, a user with Read permissions is allowed to see the nodes that can be pulled from a parent model, but are prevented from actually pulling that content. Likewise, if a model has other models that inherit from it, a user with Read permissions to the model is allowed to see the push requests from the children models, but is not allowed to approve those changes.

Read permissions are unique from the other permissions types in that they are required in order to have any other permissions. For that reason, when assigning Write, Admin, or Owner permissions, Read permissions are assigned by default and can't be removed, as seen below.

UPDATE IMAGE WITH OWNER COLUMN FILLED

Uncheckable Read Permissions Boxes

Write Permissions

If a user has Write permissions, they are allowed to edit project and model content.

Having Write permissions to a project or a model allows the user to modify any of its content, including pulling, pushing, and approving push requests. Note that to pull changes from a parent model, the user needs at least Read permissions to the parent model.

Admin Permissions

If a user has Admin permissions, they are allowed to make changes to projects and models themselves.

Having Admin permissions to a project or a model allows the user to change the metadata of the project or model and create inheriting projects or models. They can also set the permissions of other users (belonging to their own account) to this project or model up to Admin.

Owner Permissions

If a user has Owner permissions, they have the same permissions as Admins, as well as some additional actions.

Having Owner permissions to a project or a model provide the user with Admin permissions plus the ability to delete the project or model, and to share it with users external to their account. Owner users can grant permissions up to Owner for internal users and Admin for external users.

Assign Permissions

Assign Permissions to a Model

Users are able to assign permissions to their models by using the Permission Manager on the Model Details pages. The table lists all the users from the same account as the current user.

NEED NEW SCREENSHOT

Project Details Page Permissions Manager

To be able to share a model, the users need to have Admin or Owner permissions to it.

Current User Permissions Target User Permissions Options
Read + Admin Read, Admin
Read + Admin + Owner Read, Admin, Owner
Read + Write + Admin Read, Write, Admin
Read + Write + Admin + Owner Read, Write, Admin, Owner

Assign Permissions to a Project or Model

Users are able to assign permissions to their projects and models by using the Permission Manager on the Project Details and Model Details pages. The table lists all the users from the same account as the current user.

Project Details Page Permissions Manager


Assign Permissions to External Users

To assign permissions to users that do not belong to the current user's account, the user has to give them a Permissions Token. The procedure to do so is as follows:

  • Go to the Project Sharing page
  • Locate the project or model to be shared
  • Enter the username and the desired permissions level
  • Click the Share button
  • Email the generated Token (which appeared on the right of the screen) to the user.

Note that the Token is only valid for 24 hours.

Project Sharing Page

To gain access to the project or model, the user has to go to the Project Sharing page, copy the Token received by email in the dedicated field and click the Submit button. The new project or model should then appear in the their project/model tree.

Accepting Perms Token

This user, along with any other external users, will appear in the Permissions Manager under a separate External Users table.

Project Details with External Users Permissions

Account Admins

Account admins are able to see all the projects and models that exist on their account, and are able to assign permissions to those projects and models to any user on the same account up to Owner permissions. In case a project or model was shared to someone on an account using a Permissions Token, that account's Admins are only allowed to assign permissions to the project or model that someone on the account holds. WHAT?