Listings of User Roles and Privileges
This page is intended to be a near exhaustive listing of roles and privileges that can be assigned to a user to allow them to carry out certain actions.
Contents
- 1 User Roles
- 2 User Privileges
- 2.1 config
- 2.2 eprint
- 2.2.1 create_eprint
- 2.2.2 eprint_search
- 2.2.3 eprint/reject_with_email
- 2.2.4 eprint/remove_once_archived
- 2.2.5 eprint/remove_with_email
- 2.2.6 eprint/staff/search
- 2.2.7 eprint/STATUS/deposit:USERTYPE
- 2.2.8 eprint/STATUS/derive_version:USERTYPE
- 2.2.9 eprint/STATUS/destroy:USERTYPE
- 2.2.10 eprint/STATUS/details:USERTYPE
- 2.2.11 eprint/STATUS/edit:USERTYPE
- 2.2.12 eprint/STATUS/export:USERTYPE
- 2.2.13 eprint/STATUS/history:USERTYPE
- 2.2.14 eprint/STATUS/issues:USERTYPE
- 2.2.15 eprint/STATUS/messages:USERTYPE
- 2.2.16 eprint/STATUS/move_archive:USERTYPE
- 2.2.17 eprint/STATUS/move_buffer:USERTYPE
- 2.2.18 eprint/STATUS/move_deletion:USERTYPE
- 2.2.19 eprint/STATUS/move_inbox:USERTYPE
- 2.2.20 eprint/STATUS/remove:USERTYPE
- 2.2.21 eprint/STATUS/request_removal:USERTYPE
- 2.2.22 eprint/STATUS/rest/get:USERTYPE
- 2.2.23 eprint/STATUS/rest/put:USERTYPE
- 2.2.24 eprint/STATUS/view:USERTYPE
- 2.2.25 eprint/STATUS/summary:USERTYPE
- 2.2.26 eprint/STATUS/takelock:USERTYPE
- 2.2.27 eprint/STATUS/upsert:USERTYPE
- 2.2.28 eprint/STATUS/use_as_template:USERTYPE
- 2.3 event_queue
- 2.4 file
- 2.5 import
- 2.6 indexer
- 2.7 saved_search
- 2.8 staff
- 2.9 user
- 2.10 Miscellaneous
- 2.11 Privileges for public roles
User Roles
- admin
- indexer/start, indexer/stop, indexer/force_start, create_user, subject/edit, staff/user_search, staff/history_search, staff/issue_search, config/view, config/view/xml, config/view/workflow, config/view/citation, config/view/phrase, config/view/namedset, config/view/template, config/view/static, config/view/autocomplete, config/view/apache, config/view/perl, config/test_email, config/imports, config/add_field, config/remove_field, config/regen_abstracts, config/regen_citations, config/regen_views, config/edit/perl, storage/manager, repository/epm, event_queue/destroy, event_queue/details, event_queue/edit, event_queue/export, event_queue/view, eprint/destroy, eprint/details, eprint/edit, eprint/export, eprint/upsert, eprint/view, eprint/archive/remove, eprint/archive/edit, file/destroy, file/export, file/view, import/view, import/edit, saved_search/destroy, saved_search/details, saved_search/edit, saved_search/export, saved_search/view, user/remove, user/edit, user/view, user/details, user/destroy, user/history, user/staff/edit, repository/epm-submit
- change-email
- Currently empty
- change-user
- Currently empty
- deposit
- items, create_eprint, user/history:owner, eprint/inbox/view:owner, eprint/inbox/export:owner, eprint/inbox/summary:owner, eprint/inbox/destroy:owner, eprint/inbox/deposit:owner, eprint/inbox/edit:owner, eprint/inbox/remove:owner, eprint/inbox/details:owner, eprint/inbox/history:owner, eprint/inbox/messages:owner, eprint/inbox/issues:owner, eprint/inbox/deposit:owner, eprint/inbox/use_as_template:owner, eprint/inbox/derive_version:owner, eprint/buffer/view:owner, eprint/buffer/export:owner, eprint/buffer/summary:owner, eprint/buffer/move_inbox:owner, eprint/buffer/details:owner, eprint/buffer/history:owner, eprint/buffer/messages:owner, eprint/buffer/request_removal:owner, eprint/buffer/use_as_template:owner, eprint/buffer/derive_version:owner, eprint/archive/view:owner, eprint/archive/export:owner, eprint/archive/summary:owner, eprint/archive/details:owner, eprint/archive/history:owner, eprint/archive/messages:owner, eprint/archive/request_removal:owner, eprint/archive/use_as_template:owner, eprint/archive/derive_version:owner, eprint/deletion/view:owner, eprint/deletion/export:owner, eprint/deletion/summary:owner, eprint/deletion/details:owner, eprint/deletion/history:owner, eprint/deletion/messages:owner, eprint/deletion/use_as_template:owner, eprint/deletion/derive_version:owner,
- general
- user/view:owner, user/details:owner, user/history:owner
- edit-config
- config/edit, config/edit/xml, config/edit/workflow, config/edit/citation, config/edit/phrase, config/edit/namedset, config/edit/template, config/edit/static, config/edit/autocomplete, config/reload,
- edit-own-record
- user/view:owner
- editor
- datasets, editorial_review, eprint/inbox/view:editor, eprint/inbox/export:editor, eprint/inbox/summary:editor, eprint/inbox/export:editor, eprint/inbox/details:editor, eprint/inbox/history:editor, eprint/inbox/messages:editor, eprint/inbox/remove_with_email:editor, eprint/inbox/move_archive:editor, eprint/inbox/move_buffer:editor, eprint/inbox/use_as_template:editor, eprint/inbox/derive_version:editor, eprint/inbox/edit:editor, eprint/inbox/takelock:editor, eprint/buffer/view:editor, eprint/buffer/export:editor, eprint/buffer/summary:editor, eprint/buffer/export:editor, eprint/buffer/details:editor, eprint/buffer/history:editor, eprint/buffer/messages:editor, eprint/buffer/issues:editor, eprint/buffer/remove_with_email:editor, eprint/buffer/reject_with_email:editor, eprint/buffer/move_inbox:editor, eprint/buffer/move_archive:editor, eprint/buffer/use_as_template:editor, eprint/buffer/derive_version:editor, eprint/buffer/edit:editor, eprint/buffer/takelock:editor, eprint/deletion/view:editor, eprint/deletion/export:editor, eprint/deletion/summary:editor, eprint/deletion/export:editor, eprint/deletion/details:editor, eprint/deletion/history:editor, eprint/deletion/messages:editor, eprint/deletion/move_archive:editor, eprint/deletion/use_as_template:editor, eprint/deletion/derive_version:editor, eprint/deletion/takelock:editor,
- rest
- eprint/archive/rest/get:editor, eprint/archive/rest/put:editor, eprint/buffer/rest/get:editor, eprint/buffer/rest/put:editor, eprint/inbox/rest/get:editor, eprint/inbox/rest/put:editor, eprint/deletion/rest/get:editor, eprint/deletion/rest/put:editor, eprint/inbox/rest/get:owner, eprint/inbox/rest/put:owner, eprint/buffer/rest/get:owner, eprint/archive/rest/get:owner, eprint/deletion/rest/get:owner, user/rest/get:owner, subject/rest/get
- saved-searches
- saved_search, create_saved_search, saved_search/view:owner, saved_search/edit:owner, saved_search/destroy:owner,
- set-password
- set-password
- staff-view
- eprint/inbox/view, eprint/inbox/summary, eprint/inbox/export, eprint/inbox/details, eprint/inbox/history, eprint/buffer/view, eprint/buffer/summary, eprint/buffer/export, eprint/buffer/details, eprint/buffer/history, eprint/archive/view, eprint/archive/export, eprint/archive/details, eprint/archive/history, eprint/deletion/view, eprint/deletion/summary, eprint/deletion/export, eprint/deletion/details, eprint/deletion/history, eprint/search/staff
- toolbox
- toolbox
- view-status
- status
Roles used by User Types (as of EPrints 3.4.x)
- minuser
- general, edit-own-record, saved-searches, set-password, lock-username-to-email
- user
- general, edit-own-record, saved-searches, set-password, deposit, change-email
- editor
- general, edit-own-record, saved-searches, set-password, deposit, change-email, editor, view-status, staff-view
- admin
- general, edit-own-record, saved-searches, set-password, deposit, change-email, editor, view-status, staff-view, admin, edit-config
User Privileges
config
config/add_field
Add a bespoke field to a data object, using the web browser interface.
config/delete/FILETYPE
Delete a configuration file. This can optionally be restricted to a file of a particular FILETYPE: autocomplete, citation, namedset, perl, phrase, static, template, workflow, xml. Some of these types can overlap, e.g. workflow is also xml.
config/edit/FILETYPE
Edit a configuration file. This can optionally be restricted to a file of a particular FILETYPE: autocomplete, citation, namedset, perl, phrase, static, template, workflow, xml. Some of these types can overlap, e.g. workflow is also xml.
config/imports
Unused by default. Intended for managing bulk imports to a repository archive.
config/regen_abstracts
Drops the abstract pages cache so abstract pages can be regenerated.
config/regen_citations
Drops the citations cache so citations can be regenerated.
config/regen_views
Drops the browse view cache so browse view pages can be regenerated.
config/reload
Reload the repository configuration.
config/remove_field
Remove a field from a data object. (Only fields created via the web browser interfaces, not pre-created through archive configuration).
config/test_email
View the "Send test email" page to send a test email to a specified address to confirm email sending is working as expected.
config/view/FILETYPE
View a configuration file. This can optionally be restricted to a file of a particular FILETYPE: autocomplete, citation, namedset, perl, phrase, static, template, workflow, xml. Some of these types can overlap, e.g. workflow is also xml.
eprint
Some eprint privileges can be specialised by the STATUS of the the eprint (e.g. inbox, buffer, archive or deletion and the USERTYPE (e.g. owner or editor). The privilege eprint/view would allow the user to view any eprint, eprint/archive/view would only allow them to view eprints in the live archive and eprint/inbox/view:owner would only allow them to view eprints in the user workarea if they were owned by the user.
create_eprint
Create a new eprint, which will initial appear in that user's workarea.
eprint_search
View and use eprint search across live archive.
eprint/reject_with_email
Reject the eprint under review (returning to user's workarea) and email eprint's owner about this.
eprint/remove_once_archived
Completely remove an eprint even if it is or has been in the live archive.
eprint/remove_with_email
Completely remove an eprint and email eprint's owner to about this.
eprint/staff/search
View and use full eprint search across all statuses of eprint.
eprint/STATUS/deposit:USERTYPE
Deposit an eprint. Typically this would be just changing it status from inbox to buffer, so the eprint can be reviewed.
eprint/STATUS/derive_version:USERTYPE
Create a new version of a chosen eprint. Copying the metadata and setting the succeeds field to that of that chosen eprint.
eprint/STATUS/destroy:USERTYPE
Completely delete an existing eprint.
eprint/STATUS/details:USERTYPE
View the Details tab for an eprint.
eprint/STATUS/edit:USERTYPE
Edit the metadata for an eprint
eprint/STATUS/export:USERTYPE
Export the metadata for an eprint in one or more different formats.
eprint/STATUS/history:USERTYPE
View the History tab for an eprint.
eprint/STATUS/issues:USERTYPE
View the Issues tab for an eprint.
eprint/STATUS/messages:USERTYPE
View the Messages tab for an eprint.
eprint/STATUS/move_archive:USERTYPE
Move an eprint to the live archive. (I.e. change its status, normally from buffer to archive).
eprint/STATUS/move_buffer:USERTYPE
Move an eprint back to the review buffer. (I.e. change its status to buffer).
eprint/STATUS/move_deletion:USERTYPE
Retire an eprint. (I.e. change its status, normally from archive to deletion).
eprint/STATUS/move_inbox:USERTYPE
Move an eprint back to a user's workarea. (I.e. change its status, normally from buffer to inbox).
eprint/STATUS/remove:USERTYPE
Completely remove an eprint.
eprint/STATUS/request_removal:USERTYPE
Request that an existing eprint is removed, (e.g. because it is a duplicate or has been added erroneously).
eprint/STATUS/rest/get:USERTYPE
An eprint's metadata can be retrieved using the REST API.
eprint/STATUS/rest/put:USERTYPE
An eprint's metadata can be set using the REST API.
eprint/STATUS/view:USERTYPE
View an eprint and a rendering of its metadata
eprint/STATUS/summary:USERTYPE
View the Summary' tab of an eprint.
eprint/STATUS/takelock:USERTYPE
Take the edit lock on an eprint.
eprint/STATUS/upsert:USERTYPE
Overwrite the existing metadata for an eprint. Typically with a PUT request via an API not through the repository's web browser interface.
eprint/STATUS/use_as_template:USERTYPE
Use metadata from a chosen eprint to create a new eprint, which is not a new version of that chosen eprint.
event_queue
event_queue/destroy
Completely delete an event queue task.
event_queue/details
View the Details tab for an event queue task.
event_queue/edit
Edit an event queue task. (E.g. change the time it should run or reset its status if it has failed.)
event_queue/export
Export the metadata for an event queue task.
event_queue/view
View the metadata for an event queue task.
file
file/destroy
Completely delete a file record.
file/export
Export the metadata for a file record.
file/view
View the metadata for a file record.
import
import/view
View the metadata for an import.
import/edit
Edit the metadata for an import.
indexer
indexer/force_start
Force start the indexer, if the repository thinks it is still running but no event queue tasks are being processed.
indexer/start
Start the indexer if it is not currently running.
indexer/stop
Stop the indexer if it is currently running.
saved_search
create_saved_search
Create a new saved_search record.
saved_search
View listing or a user's saved searches.
saved_search/destroy
Completely delete a saved search record.
saved_search/details
View the Details tab for a saved search record.
saved_search/edit
Edit the metadata for a saved search record.
saved_search/export
Export the metadata for a saved search record.
saved_search/view
View the metadata for a saved search record.
staff
staff/user_search
View and use the search over user records.
staff/history_search
View and use the search over eprint history records.
staff/issue_search
View and use the search over eprint issue records.
user
Some user privileges can be specialised by USERTYPE (e.g. owner). The privilege user/edit would allow the user to view any user record, user/edit:owner would only allow them to edit their own user record.
create_user
Create a new user.
user/destroy:USERTYPE
Completely delete a user record.
user/details:USERTYPE
View the Details tab of a user.
user/edit:USERTYPE
Edit a user's profile.
user/history:USERTYPE
View the History tab of a user. This includes the changes (revisions) they made to any eprint record.
user/mediate
Whether a user can mediate for (i.e. act as) another user. Required feature of SWORD API.
user/remove:USERTYPE
Remove a user record.
user/staff/edit
Unused by default. Intended for restricting parts of a user's profile to be edited by a repository admininistrator.
user/view:USERTYPE
View a user record's metadata.
Miscellaneous
datasets
View the "Manage records" page.
editorial_review
View the "Review" page.
items
View the "Manage deposits" page.
repository/epm
View the "EPrints Bazaar" page and install Bazaar plugins.
set-password
Unused by default. Intended for restricting whether a user can set their own password.
status
View the "Status" and "Database Schema" pages.
storage/manager
View the "Storage Manager" page.
subject/edit
View and edit the subject tree.
toolbox
Use the toolbox CGI script (i.e. /cgi/toolbox/toolbox) to carry out a operation provided by EPrints::Toolbox. Dangerous: Do not enable without good reason."
Privileges for public roles
These privileges available to users without them needing to login. This mainly pertains to REST requests you may or may not want accessible.
- +eprint/archive/rest/get
- REST request to get metadata for an eprint in the live archive
- +eprint/archive/rest/get
- REST request to get metadata for a subject in the archive's subject tree.