7.2. User Status, Categories and Access Permissions

7.2.1. User Status

Users have one of the following status: unregistered, pre-registered, or registered. A registered user is one who went through the process of signing up for HADatAc and confirming the authenticity of her/his email address. A user is allowed to register if the user was pre-registered by an administrator. A user is said to be unregistered if the user is neither pre-registered nor registered.

7.2.2. User Categories

Users have categories as described below. For instance, a registered user is capable of logging into the system and owning data. An admin user has the permission of granting admin permission to any registered user.

Master User: One default administration user must be created during HADatAc configuration (see Section 2.1.8). This is a special case of an Administration User as described below.

Administration (admin) User: This is the user who can pre-register new users and grant admin status to other registered users. Right after installation, the Master User is the only user with admin permission, and consequently the only user capable of pre-registering other users. Once users complete their registration including the verification of their email addresses, admin users can grant new users with admin permission, which would enable any of these new administration users the pre-register new users.

Data Owner: Every registered user is considered a data owner, whether the user actually owns or not any data in the data repository. A data owner is capable of the following: uploading data and metadata into the system; recording deployment metadata; annotating data with metadata; setting the permission of who has the right of accessing their data; deleting their data from the system.

Guest User: Every user is considered unregistered until the user logs into the system. Unregistered users can access and download publicly available data. Unregistered users cannot upload and own data in the HADatAc system.

7.2.3. User Registration

One needs to be a HADatAc administrator to pre-register users in HADatAc. Also, the pre-registration requires a SMTP mailer to be set so that HADatAc can use email exchange to authenticate users (see Session 2.1.2).

Pre-Registration and Full Registration

The pre-registration consist of a manager creating a new user that includes the email of the new user. This is accomplished by going to Home > User Management > Pre-Register New User, and filling out the pre-registration form. A user is said to be a pre-registred once one new account is created for the user.

A registration becomes full registration once the new user sign up using the same email address that was pre-registered, and he/she authenticates the account by replying a verification email sent by HADatAc to the pre-registered email address.

Recovering Master User Account

Please see instructions in Section 2.1.8.

7.2.4. Authentication Information Backup and Recovery

Users having admin privilege can perform backup and recovery operations on user graph (e.g. user profiles, access levels, etc) and authentication (e.g. accounts, encrypted passwords, security roles, etc) when system upgrade necessitates this. To backup, go to the Manage Users page and then you will see an button called Backup User Authentication for exporting a .json file containing required information for recovering later, and another button called Backup User Graph for exporting a .ttl file containing the whole user graph. To recover, in the same page, use the file upload panel called Load User Graph from turtle first to upload the previously saved .ttl file for recovering the user graph and then use another file upload panel called Load User Authentication from json to upload the previously saved .json file for recovering the user authentication.