Fez Users Manual
From ADR TechWiki
THIS PAGE IS CURRENTLY UNDER CONSTRUCTION
Users, Groups, and Account Settings
User Accounts offer a way to authenticate, deposit content, and carry out certain activities and tasks, as well as be included in groupings of users. Groups are a great way to assign access controls and configure workflows for larger sets of individuals and objects. Access controls for repositories, collections, records, and files are also set based on types of users and user accounts.
Create New User Accounts
- 1. Log in to the repository as an Administrator.
- 2. Click on the “Administrator” link in the running header beneath the repository banner.
- 3. Click on the “Manage Users” icon or click on “Manage Users” link under the “Areas” heading on the left side bar of the Administrator Page.
- 4. Enter a new Username.
- Note: Entering a username that already exists will generate an error.
- 5. Confirm the name is unique by searching the new username against existing usernames in the search box below the entry form.
- 6. Enter in the new user’s Email.
- 7. Enter in the new user’s Full Name.
- 8. Check “Administrator?” box, if this user account is to be an Administrator. **See User Types for explanation of Administrator permissions.
- 9. Do not check “Use LDAP Authentication?” at this time.
- 10. Create a Password for the new user. Strong passwords are encouraged. We do not currently have the ability to retrieve lost or forgotten passwords, and must reset passwords from another User Account with Administrator privileges.
- 11. Choose one or more Internal System Group(s), if applicable.
- 12. Click the “Create User” button.
Create and Manage User Groups
- 1. Click on Manage Groups in the Areas Section of the Admin Tab.
- 2. Enter the title of the new User Group Name (i.e., Enter "YourFirstName Group" as the title).
- 3. Select and click on the name(s)/user account(s) to be added to the group. To select more than one user, hold down the Ctrl key while you click on all names. Be sure to add yourself to the User Group!
- 4. Click on Create Group.
- 5. Go back to Manage Users. You should see the group you just created in the Internal Systems Group menu. The name(s)/user account(s) of the group members will be highlighted and the user accounts are automatically updated.
- 5. If you click on your Username the Group is highlighted indicating you are part of the group.
Communities, Collections, and Records
Create a Community
- 1. Log in as an administrator.
- 2. Once logged in click on the "Browse" tab.
- 3. Click on "Create New Community".
- 4. In the "Name" box input the title of your community.
- 5. In the "XSD Display Document Types" box select "Collection Version Dublin Core 1.0"
- 6. In both the "Abstract/Summary" and "Keyword(s)" boxes added the information you prefer.
- "Keyword(s)" is a required field while "Abstract/Summary" is optional.
- 7. When all required fields have input values click "Publish"
- 8. You're done!
Create a Collection
- 1. Log in as an administrator.
- 2. Once logged in click on the "Browse" tab.
- 3. Click on the community you wish to add a collection to.
- 4. On the next screen click "Create" with the drop-down box set at Collection.
- 5. In the "Title" box input the title of your collection.
- 6. In the "XSD Display Document Types" box select the XSDs you want usable for this specific collection.
- 7. In the "Member of Communities" box the previous community is already highlighted and selected.
- It is possible to add a collection to multiple communities by highlighting others in the box.
- 8. In both the "Abstract/Summary" and "Keyword(s)" boxes added the information you prefer.
- "Keyword(s)" is a required field while "Abstract/Summary" is optional.
- 9. When all required fields have input values click "Publish"
- 10. You're done!
Add Object Records to Collections
Adding Records via the Browse Method
- 1.Click on the Browse Tab - Notice that there is not “Create New Community” option
- 2.Click on the new community you made. You will see the create collection option, as well as the collection we just approved.
- 3.Click on the collection you made - Now you see the Create button, preceded by a pull down menu, which has three choices – the document, article, and image.
- 4.Click the add new document button, you will see the standard click through license – this can be changed to accommodated institutional preferences.
- 5.Click Accept the License
Access Controls, User Roles, and Permissions
The access permissions control who can view, list, edit and create objects.
Access controls permit or deny the use of a particular digital resource in a particular way by a particular user or group, typically based on authentication and/or authorization mechanisms.
Some content accessible via the repository portals are “Open Access” meaning that the material has limited copyright and licensing restrictions which means anyone, anywhere, with access to the Internet may be able to read, download, copy, and distribute that resource – in its entirety or in some abridged form. There is no need to manage access controls for these types of objects. The repository and Fez will set a default set of "unrestricted" access controls for both the object and the primary content data stream(s) it includes.
Other content is restricted in whole or part by the depositor to a finite group of users (a campus, a class, staff members, a peer group, etc.)
For instance, if want users to view the description of content, but not the content itself, the content depositor can apply some usage and access controls to that file to prevent it from being distributed.
Set Access Controls:
- 1. Login and navigate to one level ABOVE the target object(s).
- Example: Select a collection to view its records and their Shields.
- 2. Click on Padlock/Suitcase icon
- 3. For each Level of Access / User Role section:
- Uncheck "Inherit from Parent"
- Check "Fez Authenticated User", highlight the Group and/or individual Fez User(s) who can have each level of access to a community.
- 4. You must identify groups and/or users allowed to Create, Edit, and Approve. You can press and hold the Ctrl key while clicking to select more than one User/Group.
- You have the option to restrict who can view the object in a results list (Lister), or see the record for the object (Viewer)
- It may also be helpful to set up User Groups of Users who will carry out the same role(s) across the institutional repository.
- 5. Scroll to the bottom of the page and click “Save Changes” button.
Manage User Roles
Access and activity can be limited by a user’s or group’s account. In Fez there are User Types and User Roles. For instance, a user with can be added to the Editor role for a record and can change information submitted in a record, or attach an additional file, but not publish unless they also have been added as a having a Publisher role.
FezACML is designed around a simple rule creation based on roles. Those roles are granted to a user when they satisfy one of the conditions in a role-condition pair.
Administrators can set access controls for each of these levels within their repository portal.
| Level of Access/User Role | Actions |
|---|---|
| Open/No Controls Enabled | Object is freely available for viewing by the general public. |
| Lister | Able to view object in listings and search results. |
| Viewer | Able to view the record for the object (metadata and data streams). If no viewer security rights are set on the object it will be assumed anyone can view the object. If Viewer role is granted to a user they will also gain the Lister role by default. |
| Creator | Able to create new objects (collections, records, data streams) within a community. Synonymous with contributor/depositor. Gaining this role grants the Viewer role as well. |
| Editor | Grants the user access to edit an object and child objects inheriting security. Gaining this role grants the Viewer role as well. |
| Approver | Grants the user access to publish an object from the submission buffer. Gaining this role grants the Viewer role as well. |
| Community Administrator | Grants user full administrative rights in a repository. |
| Commentor | Can leave a comment in a record view. |
| Commentor_Viewer | Can view comments left on a record view. |
| Annotater | TBD |
| Archival_Master_Viewer | Applies to images only at this point in time; Can view/access the archival master of a file stored in the repository |
Icons
When a user has logged in and an account profile that allows them to view security settings for an object, they will see one of the following icons after the object title in ADR listings:
- A suitcase or padlock = Access Controls Icon
For primary content files:
- Yellow Shield = Open Access
- Red Shield = Restricted Access
Set User Permissions
IN PROGRESS
Workflows
IN PROGRESS
Batch Ingest
IN PROGRESS
- METS Explained: ADR METS Profile and Implementation Notes
Search Keys and Configuration
IN PROGRESS
Authentication and Authorization Configurations
IN PROGRESS
Authentication Configurations
1. Fez Login
The most basic, and the “stand-alone” one supported by Fez. For this method, User accounts with a Fez Username and password are manually created and assigned to individuals or Groups. You must enter the Username and password to access your repository using Fez Login.
2. Self-Register
Another option is to allow Users to Self-Register; however, Self-Registered Users still need to be “managed” before they can create a new object. Self-registering can allow unmanaged access to restricted viewing of objects, if desired. Institutions may choose whether or not to support this feature depending on local practices of workflows, and levels of access and control for managing repository digital collections.
3. Shibboleth Authentication
Fez also can support Shibboleth authentication and we are working with the interested institutions to implement and support at the Alliance-level. Benefits to this include being able to use your campus login (not manage multiple accounts), as well as, from the collection administrator stand-point – mass assign creation and viewing privileges – like anyone with a type “student” can submit, but not publish, to a collection – and only people who are either faculty, student, or staff can view.
Note: Although Fez supports LDAP authentication it does not secure LDAP. ADR recommends using Shibboleth authentication in place of LDAP.
Authorization Configurations
IN PROGRESS
Display Options
IN PROGRESS
Customizing the "Look and Feel"
Please visit the Fez Documentation page for information on branding the "look and feel" of your digital repository portal. Here you will find instructions for:
- Fez Instance Customization Using the Color.Config File
- Adding a Navigation Bar or Horizontal Menu
- Changing Banner Background
- Adding a Banner Image with a Logo
Glossary
Repository services have their own lingo, which the ADR uses throughout the ADR Wiki. Visit the Glossary for definitions of repository-specific terms. If you come across a term that isn't included in the glossary please let us know so we can update the list.
other...?
Bridget 18:41, 30 September 2009 (MDT)
