Difference between revisions of "Listings of User Roles and Privileges"

Revision as of 08:56, 29 August 2022

This page is intended to be a near exhaustive listing of roles and privileges that can be assigned to a user to allow them to carry out certain actions.

User Roles

admin: indexer/stop, indexer/start, indexer/force_start, create_user, subject/edit, staff/user_search, staff/history_search, staff/issue_search, config/view, config/view/xml, config/view/workflow, config/view/citation, config/view/phrase, config/view/namedset, config/view/template, config/view/static, config/view/autocomplete, config/view/apache, config/view/perl, config/test_email, config/imports, config/add_field, config/remove_field, config/regen_abstracts, config/regen_citations, config/regen_views, config/edit/perl, storage/manager, repository/epm, event_queue/destroy, event_queue/details, event_queue/edit, event_queue/export, event_queue/view, eprint/destroy, eprint/details, eprint/edit, eprint/export, eprint/upsert, eprint/view, eprint/archive/remove, eprint/archive/edit, file/destroy, file/export, file/view, import/view, import/edit, saved_search/destroy, saved_search/details, saved_search/edit, saved_search/export, saved_search/view, user/remove, user/edit, user/view, user/details, user/destroy, user/history, user/staff/edit, repository/epm-submit
change-email: Currently empty
change-user: Currently empty
deposit: items, create_eprint, user/history:owner, eprint/inbox/view:owner, eprint/inbox/export:owner, eprint/inbox/summary:owner, eprint/inbox/destroy:owner, eprint/inbox/deposit:owner, eprint/inbox/edit:owner, eprint/inbox/remove:owner, eprint/inbox/details:owner, eprint/inbox/history:owner, eprint/inbox/messages:owner, eprint/inbox/issues:owner, eprint/inbox/deposit:owner, eprint/inbox/use_as_template:owner, eprint/inbox/derive_version:owner, eprint/buffer/view:owner, eprint/buffer/export:owner, eprint/buffer/summary:owner, eprint/buffer/move_inbox:owner, eprint/buffer/details:owner, eprint/buffer/history:owner, eprint/buffer/messages:owner, eprint/buffer/request_removal:owner, eprint/buffer/use_as_template:owner, eprint/buffer/derive_version:owner, eprint/archive/view:owner, eprint/archive/export:owner, eprint/archive/summary:owner, eprint/archive/details:owner, eprint/archive/history:owner, eprint/archive/messages:owner, eprint/archive/request_removal:owner, eprint/archive/use_as_template:owner, eprint/archive/derive_version:owner, eprint/deletion/view:owner, eprint/deletion/export:owner, eprint/deletion/summary:owner, eprint/deletion/details:owner, eprint/deletion/history:owner, eprint/deletion/messages:owner, eprint/deletion/use_as_template:owner, eprint/deletion/derive_version:owner,
general: user/view:owner, user/details:owner, user/history:owner
edit-config: config/edit, config/edit/xml, config/edit/workflow, config/edit/citation, config/edit/phrase, config/edit/namedset, config/edit/template, config/edit/static, config/edit/autocomplete, config/reload,
edit-own-record: user/view:owner
editor: datasets, editorial_review, eprint/inbox/view:editor, eprint/inbox/export:editor, eprint/inbox/summary:editor, eprint/inbox/export:editor, eprint/inbox/details:editor, eprint/inbox/history:editor, eprint/inbox/messages:editor, eprint/inbox/remove_with_email:editor, eprint/inbox/move_archive:editor, eprint/inbox/move_buffer:editor, eprint/inbox/use_as_template:editor, eprint/inbox/derive_version:editor, eprint/inbox/edit:editor, eprint/inbox/takelock:editor, eprint/buffer/view:editor, eprint/buffer/export:editor, eprint/buffer/summary:editor, eprint/buffer/export:editor, eprint/buffer/details:editor, eprint/buffer/history:editor, eprint/buffer/messages:editor, eprint/buffer/issues:editor, eprint/buffer/remove_with_email:editor, eprint/buffer/reject_with_email:editor, eprint/buffer/move_inbox:editor, eprint/buffer/move_archive:editor, eprint/buffer/use_as_template:editor, eprint/buffer/derive_version:editor, eprint/buffer/edit:editor, eprint/buffer/takelock:editor, eprint/deletion/view:editor, eprint/deletion/export:editor, eprint/deletion/summary:editor, eprint/deletion/export:editor, eprint/deletion/details:editor, eprint/deletion/history:editor, eprint/deletion/messages:editor, eprint/deletion/move_archive:editor, eprint/deletion/use_as_template:editor, eprint/deletion/derive_version:editor, eprint/deletion/takelock:editor,
rest: eprint/archive/rest/get:editor, eprint/archive/rest/put:editor, eprint/buffer/rest/get:editor, eprint/buffer/rest/put:editor, eprint/inbox/rest/get:editor, eprint/inbox/rest/put:editor, eprint/deletion/rest/get:editor, eprint/deletion/rest/put:editor, eprint/inbox/rest/get:owner, eprint/inbox/rest/put:owner, eprint/buffer/rest/get:owner, eprint/archive/rest/get:owner, eprint/deletion/rest/get:owner, user/rest/get:owner, subject/rest/get
saved-searches: saved_search, create_saved_search, saved_search/view:owner, saved_search/edit:owner, saved_search/destroy:owner,
set-password: set-password
staff-view: eprint/inbox/view, eprint/inbox/summary, eprint/inbox/export, eprint/inbox/details, eprint/inbox/history, eprint/buffer/view, eprint/buffer/summary, eprint/buffer/export, eprint/buffer/details, eprint/buffer/history, eprint/archive/view, eprint/archive/export, eprint/archive/details, eprint/archive/history, eprint/deletion/view, eprint/deletion/summary, eprint/deletion/export, eprint/deletion/details, eprint/deletion/history, eprint/search/staff
toolbox: toolbox
view-status: status

Roles used by User Types (as of EPrints 3.4.x)

minuser: general, edit-own-record, saved-searches, set-password, lock-username-to-email
user: general, edit-own-record, saved-searches, set-password, deposit, change-email
editor: general, edit-own-record, saved-searches, set-password, deposit, change-email, editor, view-status, staff-view
admin: general, edit-own-record, saved-searches, set-password, deposit, change-email, editor, view-status, staff-view, admin, edit-config

User Privileges

config

config/add_field

config/edit/perl

config/imports

config/regen_abstracts

config/regen_citations

config/regen_views

config/remove_field

config/test_email

config/view

config/view/apache

config/view/autocomplete

config/view/citation

config/view/namedset

config/view/perl

config/view/phrase

config/view/static

config/view/template

config/view/workflow

config/view/xml

eprint

event_queue

import

indexer

indexer/force_start

indexer/start

indexer/stop

saved_search

staff

staff/user_search

staff/history_search

staff/issue_search

user

create_user

user/destroy

user/details

user/edit

user/history

user/remove

user/staff/edit

user/view

Miscellaneous

datasets

editorial_review

items

set-password

status

toolbox

Privileges for public roles

These privileges available to users without them needing to login. This mainly pertains to REST requests you may or may not want accessible.

+eprint/archive/rest/get: REST request to get metadata for an eprint in the live archive
+eprint/archive/rest/get
REST request to get metadata for a subject in the archive's subject tree.

@@ Line 18: / Line 18: @@
 ;editor
 : datasets, editorial_review, eprint/inbox/view:editor, eprint/inbox/export:editor, eprint/inbox/summary:editor, eprint/inbox/export:editor, eprint/inbox/details:editor, eprint/inbox/history:editor, eprint/inbox/messages:editor, eprint/inbox/remove_with_email:editor, eprint/inbox/move_archive:editor, eprint/inbox/move_buffer:editor, eprint/inbox/use_as_template:editor, eprint/inbox/derive_version:editor, eprint/inbox/edit:editor, eprint/inbox/takelock:editor, eprint/buffer/view:editor, eprint/buffer/export:editor, eprint/buffer/summary:editor, eprint/buffer/export:editor, eprint/buffer/details:editor, eprint/buffer/history:editor, eprint/buffer/messages:editor, eprint/buffer/issues:editor, eprint/buffer/remove_with_email:editor, eprint/buffer/reject_with_email:editor, eprint/buffer/move_inbox:editor, eprint/buffer/move_archive:editor, eprint/buffer/use_as_template:editor, eprint/buffer/derive_version:editor, eprint/buffer/edit:editor, eprint/buffer/takelock:editor, eprint/deletion/view:editor, eprint/deletion/export:editor, eprint/deletion/summary:editor, eprint/deletion/export:editor, eprint/deletion/details:editor, eprint/deletion/history:editor, eprint/deletion/messages:editor, eprint/deletion/move_archive:editor, eprint/deletion/use_as_template:editor, eprint/deletion/derive_version:editor, eprint/deletion/takelock:editor,
-:rest
+;rest
 : eprint/archive/rest/get:editor, eprint/archive/rest/put:editor, eprint/buffer/rest/get:editor, eprint/buffer/rest/put:editor, eprint/inbox/rest/get:editor, eprint/inbox/rest/put:editor, eprint/deletion/rest/get:editor, eprint/deletion/rest/put:editor, eprint/inbox/rest/get:owner, eprint/inbox/rest/put:owner, eprint/buffer/rest/get:owner, eprint/archive/rest/get:owner, eprint/deletion/rest/get:owner, user/rest/get:owner, subject/rest/get
 ;saved-searches
 : saved_search, create_saved_search, saved_search/view:owner, saved_search/edit:owner, saved_search/destroy:owner,
@@ Line 65: / Line 64: @@
 === eprint ===
-Some eprint privileges can be specialised by the '''STATUS''' of the the eprint (e.g. ''inbox'', ''buffer'', ''archive'' or  ''deletion'' and the ''USERTYPE'' (e.g. ''owner'' or ''editor'').  The privilege ''eprint/view'' would allow the user to view any eprint, ''eprint/archive/view'' would only allow them to view eprints in the live archive and ''eprint/inbox/view:owner'' would only allow them to view eprints in the user workarea if they were owned by the user.
-==== create_eprint ====
-Create a new eprint, which will initial appear in that user's workarea.
-==== eprint/STATUS/deposit:USERTYPE ====
-Deposit an eprint.  Typically this would be just changing it status from ''inbox'' to ''buffer'', so the eprint can be reviewed.
-==== eprint/STATUS/derive_version:USERTYPE ====
-Create a new version of a chosen eprint.  Copying the metadata and setting the ''succeeds'' field to that of that chosen eprint.
-==== eprint/STATUS/destroy:USERTYPE ====
-Completely delete an existing eprint.
-==== eprint/STATUS/details:USERTYPE ====
-View the ''Details'' tab for an eprint.
-==== eprint/STATUS/edit:USERTYPE ====
-Edit the metadata for an eprint
-==== eprint/STATUS/export:USERTYPE ====
-Export the metadata for an eprint in one or more different formats.
-==== eprint/STATUS/history:USERTYPE ====
-View the ''History'' tab for an eprint.
-==== eprint/STATUS/issues:USERTYPE ====
-View the ''Issues'' tab for an eprint.
-==== eprint/STATUS/messages:USERTYPE ====
-View the ''Messages'' tab for an eprint.
-==== eprint/STATUS/move_inbox:USERTYPE ====
-Move an eprint back to a user's workarea. (I.e. change its status, normally from ''buffer'' to ''inbox'').
-==== eprint/STATUS/remove:USERTYPE ====
-Retire an eprint by updating its status to ''deletion'', typically from ''inbox''.
-==== eprint/STATUS/request_removal:USERTYPE ====
-Request that an existing eprint is removed, (e.g. because it is a duplicate or has been added erroneously).
-==== eprint/STATUS/rest/get:USERTYPE ====
-An eprint's metadata can be retrieved using the REST API.
-==== eprint/STATUS/rest/put:USERTYPE ====
-An eprint's metadata can be set using the REST API.
-==== eprint/STATUS/view:USERTYPE ====
-View an eprint and a rendering of its metadata
-==== eprint/STATUS/summary:USERTYPE ====
-View the ''Summary''' tab of an eprint.
-==== eprint/STATUS/upsert:USERTYPE ====
-Overwrite the existing metadata for an eprint.  Typically with a PUT request via an API not through the repository's web browser interface.
-==== eprint/STATUS/use_as_template:USERTYPE ====
-Use metadata from a chosen eprint to create a new eprint, which is not a new version of that chosen eprint.
 === event_queue ===
 === import ===