Difference between revisions of "DRS User Guide/Grouper"
(14 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | <center><span style="font-size:150%">Access and Rights Management</span> | + | ''This page is no longer being updated.'' |
+ | |||
+ | ''The content of this page was saved elsewhere on August 22, 2018. This page can be removed.'' | ||
+ | |||
+ | <center><span style="font-size:150%">Access and Rights Management</span></center> | ||
Line 9: | Line 13: | ||
<span style="font-size:120%">When DRS users create collections or deposit material in the DRS they have the option of making the collection or file public or restricting access to only certain users and dictating who can discover, view, or download (in the case of files). Most files and collections are “public” and are therefore discoverable through searching and browsing, and files can be viewed any downloaded by anyone. Some DRS collections and files are “private” and are viewable only by the individual who created the collection or uploaded the file to the DRS. Others are “private”, but specific people and groups have been granted access to discover, view, and download.</span> | <span style="font-size:120%">When DRS users create collections or deposit material in the DRS they have the option of making the collection or file public or restricting access to only certain users and dictating who can discover, view, or download (in the case of files). Most files and collections are “public” and are therefore discoverable through searching and browsing, and files can be viewed any downloaded by anyone. Some DRS collections and files are “private” and are viewable only by the individual who created the collection or uploaded the file to the DRS. Others are “private”, but specific people and groups have been granted access to discover, view, and download.</span> | ||
===Public vs. Private=== | ===Public vs. Private=== | ||
− | |||
− | |||
− | |||
− | |||
− | '''Private''' collections and files: | + | :<span style="font-size:115%">'''Public''' collections and files:</span> |
− | * will not be indexed by Google | + | * <span style="font-size:110%">can be found in DRS search and browse sessions</span> |
− | * users who are authorized to view and download the files must sign in to the DRS before accessing the file | + | * <span style="font-size:110%">will be indexed by Google</span> |
+ | * <span style="font-size:110%">can be shared with anyone</span> | ||
+ | |||
+ | :<span style="font-size:115%">'''Private''' collections and files:</span> | ||
+ | * <span style="font-size:110%">will not be indexed by Google | ||
+ | * <span style="font-size:110%">will be hidden from users who are not authorized to view and download the files. Authorized users must sign in to the DRS before accessing the file.</span> | ||
===Read vs. Edit Permissions=== | ===Read vs. Edit Permissions=== | ||
− | The DRS maintains two different access states, read and edit. | + | <span style="font-size:110%">The DRS maintains two different access states, read and edit.</span> |
− | Users who have '''Read''' access for a community, collection, or file can: | + | <span style="font-size:110%">Users who have '''Read''' access for a community, collection, or file can:</span> |
− | * find a file through keyword searches | + | * <span style="font-size:110%">find a file through keyword searches</span> |
− | * find a file through by browsing | + | * <span style="font-size:110%">find a file through by browsing</span> |
− | * view the full metadata for a file | + | * <span style="font-size:110%">view the full metadata for a file</span> |
− | * download the file | + | * <span style="font-size:110%">download the file</span> |
− | Users who have '''Edit''' access can: | + | <span style="font-size:110%">Users who have '''Edit''' access can:</span> |
− | * find a file through keyword searches | + | * <span style="font-size:110%">find a file through keyword searches</span> |
− | * find a file through by browsing | + | * <span style="font-size:110%">find a file through by browsing</span> |
− | * view the full metadata for a file | + | * <span style="font-size:110%">view the full metadata for a file</span> |
− | * download the file | + | * <span style="font-size:110%">download the file</span> |
− | * edit the file's metadata | + | * <span style="font-size:110%">edit the file's metadata</span> |
==Managing Private Files Using Groups== | ==Managing Private Files Using Groups== | ||
− | <span style="font-size: | + | <span style="font-size:120%">The Northeastern University community changes regularly as new members join and leave, which requires the DRS to be as flexible as possible when managing access rights. To accommodate our fluid community, the DRS assigns read and access permissions for files to designated groups, rather than to individuals. This ensures access to files is not dependent on any one Northeastern community member, and it also minimizes the number of changes made to the file that manages access rights.</span> |
===About Grouper=== | ===About Grouper=== | ||
− | [http://www.internet2.edu/products-services/trust-identity-middleware/grouper Grouper] is a team management tool supported by Information Technology Services that allows users to easily create and manage lists of people, and the DRS uses this tool to manage groups with access to DRS collections and files. Once a group is created in Grouper it can be used in the DRS to set viewing and metadata editing privileges for collections and for files. The advantage to using Grouper to define your group is that it only needs to be managed in Grouper, and as an administrator of your group, you, not DRS staff, have control over who can access your, or your community’s, files or collections. | + | <span style="font-size:110%">[http://www.internet2.edu/products-services/trust-identity-middleware/grouper Grouper] is a team management tool supported by Information Technology Services that allows users to easily create and manage lists of people, and the DRS uses this tool to manage groups with access to DRS collections and files. Once a group is created in Grouper it can be used in the DRS to set viewing and metadata editing privileges for collections and for files. The advantage to using Grouper to define your group is that it only needs to be managed in Grouper, and as an administrator of your group, you, not DRS staff, have control over who can access your, or your community’s, files or collections.</span> |
====Accessing Grouper==== | ====Accessing Grouper==== | ||
− | To start curating groups in Grouper, visit https://neuidmsso.neu.edu/grouper and sign in with your MyNEU credentials. Although all NU staff have access to Grouper, you must be granted specific access to the DRS group. Please contact [http://dsg.neu.edu/wiki/DRS_User_Guide/Help DRS staff] for access to the DRS Grouper group. | + | <span style="font-size:110%">To start curating groups in Grouper, visit https://neuidmsso.neu.edu/grouper and sign in with your MyNEU credentials. Although all NU staff have access to Grouper, you must be granted specific access to the DRS group. Please contact [http://dsg.neu.edu/wiki/DRS_User_Guide/Help DRS staff] for access to the DRS Grouper group.</span> |
====Grouper Elements==== | ====Grouper Elements==== | ||
− | Grouper groups are organized into folders, groups, and entities: | + | <span style="font-size:110%">Grouper groups are organized into folders, groups, and entities:</span> |
{| style="margin-left: 10px;" | {| style="margin-left: 10px;" | ||
Line 69: | Line 74: | ||
[[File:GrouperLeftnav.png|thumb|160px|right|Left Navigation]] | [[File:GrouperLeftnav.png|thumb|160px|right|Left Navigation]] | ||
− | <span style="font-size: | + | <span style="font-size:110%">The left navigation column contains two sections, "Quick Links" and "Browse Folders". Users may use the Quick Links section to navigate directly to the groups and folders they have access to.</span> |
− | <span style="font-size: | + | <span style="font-size:110%">Users may also use the Browse Folders section to browse Northeastern's full Grouper folder and group structure. To find the DRS folder, click the "+" to the left of the "Root" folder (the primary Northeastern folder), then click the "+" to the left of the "drs" folder. This will expand the "drs" folder and display all of the available DRS folders.</span> |
− | <span style="font-size: | + | <span style="font-size:110%">The DRS folders are loosely structured according to the Northeastern University community structure, with some exceptions for DRS administrative groups and a few older, migrated groups.</span> |
===Creating Groups=== | ===Creating Groups=== | ||
− | DRS Grouper groups are created and managed by DRS administrative staff. Once a DRS staff member has added you to an existing group as an administrator, you can start managing that group. | + | <span style="font-size:110%">DRS Grouper groups are created and managed by DRS administrative staff. Once a DRS staff member has added you to an existing group as an administrator, you can start managing that group.</span> |
===Adding Users=== | ===Adding Users=== | ||
− | Grouper is connected to the Northeastern University authentication system, which means only users that exists in the central authentication system can be added to a Grouper group. If you would like to add someone from outside the Northeastern community to a group, you will need to sponsor an account for that user. | + | <span style="font-size:110%">Grouper is connected to the Northeastern University authentication system, which means only users that exists in the central authentication system can be added to a Grouper group. If you would like to add someone from outside the Northeastern community to a group, you will need to sponsor an account for that user.</span> |
====To add a single user==== | ====To add a single user==== | ||
− | + | ||
− | * Navigate to the desired group | + | {| style="margin-left: 10px;" |
− | * Click the "+ Add members" button to the right of the group name | + | | |
− | * Search for the person you would like to add using the first part of his or her Northeastern email address (i.e. sj.sweeney or j.flanders) | + | | |
− | * Select the person you would like to add | + | |- |
− | * Use the radio button to select "Default privileges" or "Custom privileges" | + | | |
− | ** "Default privileges" will only allow the person to view the list of group names. Selecting "Default privilege" grants viewing privileges for the Grouper group, not DRS materials. | + | * <span style="font-size:110%">Navigate to the desired group</span> |
− | ** Use the "Custom privileges" option to add other "Update" users to the group. Update users may add and remove users from the Group. Selecting "Custom privileges" grants administrative privileges for the Grouper group, not DRS materials. | + | * <span style="font-size:110%">Click the "+ Add members" button to the right of the group name</span> |
− | * Click the "Add" button | + | * <span style="font-size:110%">Search for the person you would like to add using the first part of his or her Northeastern email address (i.e. sj.sweeney or j.flanders)</span> |
+ | * <span style="font-size:110%">Select the person you would like to add</span> | ||
+ | * <span style="font-size:110%">Use the radio button to select "Default privileges" or "Custom privileges"</span> | ||
+ | ** <span style="font-size:110%">"Default privileges" will only allow the person to view the list of group names. Selecting "Default privilege" grants viewing privileges for the Grouper group, not DRS materials.</span> | ||
+ | ** <span style="font-size:110%">Use the "Custom privileges" option to add other "Update" users to the group. Update users may add and remove users from the Group. Selecting "Custom privileges" grants administrative privileges for the Grouper group, not DRS materials.</span> | ||
+ | * <span style="font-size:110%">Click the "Add" button</span> | ||
+ | | | ||
+ | | [[File:GrouperAddsingleuser.png|thumb|400px|center]] | ||
+ | |} | ||
+ | |||
+ | |||
====To add multiple users==== | ====To add multiple users==== | ||
− | * Navigate to the desired group | + | * <span style="font-size:110%">Navigate to the desired group</span> |
− | * Click the "+ Add members" button to the right of the group name | + | * <span style="font-size:110%">Click the "+ Add members" button to the right of the group name</span> |
− | * Click "import a list of members" to the right of the "Add" button | + | * <span style="font-size:110%">Click "import a list of members" to the right of the "Add" button</span> |
− | * Select | + | * <span style="font-size:110%">Select the desired method to add multiple members:</span> |
+ | |||
+ | |||
+ | {| style="margin-left: 10px;" | ||
+ | |+<span style="font-size:115%">'''Copy/paste a list of member IDs'''</span> | ||
+ | | | ||
+ | | | ||
+ | |- | ||
+ | | | ||
+ | * <span style="font-size:110%">Paste in the box a list of member IDs (the first part of the user's Northeastern email address)</span> | ||
+ | * <span style="font-size:110%">Click "Validate entities"</span> | ||
+ | * <span style="font-size:110%">If you would like to replace all members in a group with this list, check the "Replace existing members?" box</span> | ||
+ | * <span style="font-size:110%">Click "Add Members"</span> | ||
+ | * <span style="font-size:110%">View the "import results" report to confirm your additions were successful</span> | ||
+ | | | ||
+ | | [[File:GrouperBulkmemberids.png|thumb|400px|center]] | ||
+ | |} | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | = | + | |
− | + | {| style="margin-left: 10px;" | |
− | * Create a new text file with the text "entityIdOrIdentifier" in the first line | + | |+<span style="font-size:115%">'''Import A File'''</span> |
− | * Enter each new member's ID ((the first part of the user's Northeastern email address)) on their own line in the text file | + | | |
− | * Use the "Select a file to import" "Choose File" option to upload your file | + | | |
− | * If you would like to replace all members in a group with this file, check the "Replace existing members?" box | + | |- |
− | * Click "Add Members" | + | | |
− | * View the "import results" report to confirm your additions were successful | + | * <span style="font-size:110%">Create a new text file with the text "entityIdOrIdentifier" in the first line</span> |
+ | * <span style="font-size:110%">Enter each new member's ID ((the first part of the user's Northeastern email address)) on their own line in the text file</span> | ||
+ | * <span style="font-size:110%">Use the "Select a file to import" "Choose File" option to upload your file</span> | ||
+ | * <span style="font-size:110%">If you would like to replace all members in a group with this file, check the "Replace existing members?" box</span> | ||
+ | * <span style="font-size:110%">Click "Add Members"</span> | ||
+ | * <span style="font-size:110%">View the "import results" report to confirm your additions were successful</span> | ||
+ | | | ||
+ | | [[File:GrouperBulkchoosefile.png|thumb|400px|center]] | ||
+ | |} | ||
===Removing Users=== | ===Removing Users=== | ||
− | + | ||
− | * Navigate to the desired group | + | {| style="margin-left: 10px;" |
− | * Open the "Members" tab (this tab is often the default tab) | + | | |
− | * Check the box to the left of the name you would like to remove from the group | + | | |
− | * Click the "Remove selected members" button | + | |- |
+ | | | ||
+ | * <span style="font-size:110%">Navigate to the desired group</span> | ||
+ | * <span style="font-size:110%">Open the "Members" tab (this tab is often the default tab)</span> | ||
+ | * <span style="font-size:110%">Check the box to the left of the name you would like to remove from the group</span> | ||
+ | * <span style="font-size:110%">Click the "Remove selected members" button</span> | ||
+ | | | ||
+ | | [[File:GrouperRemoveusers.png|thumb|400px|center]] | ||
+ | |} | ||
==Grouper in the DRS== | ==Grouper in the DRS== | ||
− | Once a group a user has been added as member of a Grouper Group, that information becomes part of the record passed from the University's authentication system to the DRS. When a user signs in, the DRS reads the list of Grouper groups that user belongs to and determines what DRS materials he or she can read or edit. | + | <span style="font-size:115%">Once a group a user has been added as member of a Grouper Group, that information becomes part of the record passed from the University's authentication system to the DRS. When a user signs in, the DRS reads the list of Grouper groups that user belongs to and determines what DRS materials he or she can read or edit.</span> |
===Grouper Names and Paths=== | ===Grouper Names and Paths=== | ||
− | Grouper groups are identified by their "ID path", which is that group's unique string of folder and group names. This path is formatted as a series of names separated by colons, and in the DRS they will always begin with "northeastern:drs" : | + | <span style="font-size:110%">Grouper groups are identified by their "ID path", which is that group's unique string of folder and group names. This path is formatted as a series of names separated by colons, and in the DRS they will always begin with "northeastern:drs" :</span> |
− | '''College of Engineering's BSPIRAL Research Group''' | + | :<span style="font-size:110%">'''College of Engineering's BSPIRAL Research Group'''</span> |
− | <code>northeastern:drs:college_of_engineering:electrical_and_computer_engineering:bspiral</code> | + | ::<code><span style="font-size:110%">northeastern:drs:college_of_engineering:electrical_and_computer_engineering:bspiral</span></code> |
− | '''Northeastern University Libraries Digital Scholarship Group''' | + | :<span style="font-size:110%">'''Northeastern University Libraries Digital Scholarship Group'''</span> |
− | <code>northeastern:drs:library:dsg</code> | + | ::<code><span style="font-size:110%">northeastern:drs:library:dsg</span></code> |
− | To view the ID path, group description, or other information about the group or folder, click "More" beneath the tile and description in Grouper: | + | <span style="font-size:110%">To view the ID path, group description, or other information about the group or folder, click "More" beneath the tile and description in Grouper:</span> |
[[File:GrouperMore.png|thumb|600px|center]] | [[File:GrouperMore.png|thumb|600px|center]] | ||
===Giving Permissions to Groups in the DRS=== | ===Giving Permissions to Groups in the DRS=== | ||
− | In the DRS, users can assign read or edit access to a particular group for a file or collection in the DRS by selecting the Grouper ID path from the Permissions section on the bottom right of the Upload or Edit page for files or Add or Manage page for Collections: | + | <span style="font-size:110%">In the DRS, users can assign read or edit access to a particular group for a file or collection in the DRS by selecting the Grouper ID path from the Permissions section on the bottom right of the Upload or Edit page for files or Add or Manage page for Collections:</span> |
[[File:GrouperDrspermissions.png|thumb|600px|center]] | [[File:GrouperDrspermissions.png|thumb|600px|center]] | ||
− | (''Improving the readability of the ID path display is planned for future DRS development'') | + | <span style="font-size:110%">(''Improving the readability of the ID path display is planned for future DRS development'')</span> |
− | Group permissions are itemized in a list, with the particular permission assignment listed below the group. For example, the permission statement below indicates that Northeastern University Staff (<code>northeastern:drs:staff</code>) are allowed to discover, view, and download the file, and Northeastern University Marketing and Communications Staff (<code>northeastern:drs:marketing_and_communications:staff</code>) are allowed to edit the file's metadata: | + | <span style="font-size:110%">Group permissions are itemized in a list, with the particular permission assignment listed below the group. For example, the permission statement below indicates that Northeastern University Staff (<code>northeastern:drs:staff</code>) are allowed to discover, view, and download the file, and Northeastern University Marketing and Communications Staff (<code>northeastern:drs:marketing_and_communications:staff</code>) are allowed to edit the file's metadata:</span> |
[[File:GrouperDrspermissionsitems.png|thumb|600px|center]] | [[File:GrouperDrspermissionsitems.png|thumb|600px|center]] | ||
− | To add permissions for another Grouper group, navigate to the empty field at the bottom of the list of groups and select the appropriate group from the list, then select either "Read" or "Edit" from the second list below: | + | <span style="font-size:110%">To add permissions for another Grouper group, navigate to the empty field at the bottom of the list of groups and select the appropriate group from the list, then select either "Read" or "Edit" from the second list below:</span> |
[[File:GrouperDrspermissionsnew.png|thumb|600px|center]] | [[File:GrouperDrspermissionsnew.png|thumb|600px|center]] | ||
− | To add another permission, click "Add Permission." | + | <span style="font-size:110%">To add another permission, click "Add Permission."</span> |
− | It is important to know that you can only assign privileges to the groups you are a member of yourself. If you need to assign privileges to a group you do not belong to, please contact [http://dsg.neu.edu/wiki/DRS_User_Guide/Help DRS staff]. | + | <span style="font-size:110%">It is important to know that you can only assign privileges to the groups you are a member of yourself. If you need to assign privileges to a group you do not belong to, please contact [http://dsg.neu.edu/wiki/DRS_User_Guide/Help DRS staff].</span> |
<br /> | <br /> | ||
---- | ---- |
Latest revision as of 13:01, 22 August 2018
This page is no longer being updated.
The content of this page was saved elsewhere on August 22, 2018. This page can be removed.
Restricting DRS Materials
When DRS users create collections or deposit material in the DRS they have the option of making the collection or file public or restricting access to only certain users and dictating who can discover, view, or download (in the case of files). Most files and collections are “public” and are therefore discoverable through searching and browsing, and files can be viewed any downloaded by anyone. Some DRS collections and files are “private” and are viewable only by the individual who created the collection or uploaded the file to the DRS. Others are “private”, but specific people and groups have been granted access to discover, view, and download.
Public vs. Private
- Public collections and files:
- can be found in DRS search and browse sessions
- will be indexed by Google
- can be shared with anyone
- Private collections and files:
- will not be indexed by Google
- will be hidden from users who are not authorized to view and download the files. Authorized users must sign in to the DRS before accessing the file.
Read vs. Edit Permissions
The DRS maintains two different access states, read and edit.
Users who have Read access for a community, collection, or file can:
- find a file through keyword searches
- find a file through by browsing
- view the full metadata for a file
- download the file
Users who have Edit access can:
- find a file through keyword searches
- find a file through by browsing
- view the full metadata for a file
- download the file
- edit the file's metadata
Managing Private Files Using Groups
The Northeastern University community changes regularly as new members join and leave, which requires the DRS to be as flexible as possible when managing access rights. To accommodate our fluid community, the DRS assigns read and access permissions for files to designated groups, rather than to individuals. This ensures access to files is not dependent on any one Northeastern community member, and it also minimizes the number of changes made to the file that manages access rights.
About Grouper
Grouper is a team management tool supported by Information Technology Services that allows users to easily create and manage lists of people, and the DRS uses this tool to manage groups with access to DRS collections and files. Once a group is created in Grouper it can be used in the DRS to set viewing and metadata editing privileges for collections and for files. The advantage to using Grouper to define your group is that it only needs to be managed in Grouper, and as an administrator of your group, you, not DRS staff, have control over who can access your, or your community’s, files or collections.
Accessing Grouper
To start curating groups in Grouper, visit https://neuidmsso.neu.edu/grouper and sign in with your MyNEU credentials. Although all NU staff have access to Grouper, you must be granted specific access to the DRS group. Please contact DRS staff for access to the DRS Grouper group.
Grouper Elements
Grouper groups are organized into folders, groups, and entities:
The left navigation column contains two sections, "Quick Links" and "Browse Folders". Users may use the Quick Links section to navigate directly to the groups and folders they have access to.
Users may also use the Browse Folders section to browse Northeastern's full Grouper folder and group structure. To find the DRS folder, click the "+" to the left of the "Root" folder (the primary Northeastern folder), then click the "+" to the left of the "drs" folder. This will expand the "drs" folder and display all of the available DRS folders.
The DRS folders are loosely structured according to the Northeastern University community structure, with some exceptions for DRS administrative groups and a few older, migrated groups.
Creating Groups
DRS Grouper groups are created and managed by DRS administrative staff. Once a DRS staff member has added you to an existing group as an administrator, you can start managing that group.
Adding Users
Grouper is connected to the Northeastern University authentication system, which means only users that exists in the central authentication system can be added to a Grouper group. If you would like to add someone from outside the Northeastern community to a group, you will need to sponsor an account for that user.
To add a single user
|
To add multiple users
- Navigate to the desired group
- Click the "+ Add members" button to the right of the group name
- Click "import a list of members" to the right of the "Add" button
- Select the desired method to add multiple members:
|
|
Removing Users
|
Grouper in the DRS
Once a group a user has been added as member of a Grouper Group, that information becomes part of the record passed from the University's authentication system to the DRS. When a user signs in, the DRS reads the list of Grouper groups that user belongs to and determines what DRS materials he or she can read or edit.
Grouper Names and Paths
Grouper groups are identified by their "ID path", which is that group's unique string of folder and group names. This path is formatted as a series of names separated by colons, and in the DRS they will always begin with "northeastern:drs" :
- College of Engineering's BSPIRAL Research Group
northeastern:drs:college_of_engineering:electrical_and_computer_engineering:bspiral
- Northeastern University Libraries Digital Scholarship Group
northeastern:drs:library:dsg
To view the ID path, group description, or other information about the group or folder, click "More" beneath the tile and description in Grouper:
Giving Permissions to Groups in the DRS
In the DRS, users can assign read or edit access to a particular group for a file or collection in the DRS by selecting the Grouper ID path from the Permissions section on the bottom right of the Upload or Edit page for files or Add or Manage page for Collections:
(Improving the readability of the ID path display is planned for future DRS development)
Group permissions are itemized in a list, with the particular permission assignment listed below the group. For example, the permission statement below indicates that Northeastern University Staff (northeastern:drs:staff
) are allowed to discover, view, and download the file, and Northeastern University Marketing and Communications Staff (northeastern:drs:marketing_and_communications:staff
) are allowed to edit the file's metadata:
To add permissions for another Grouper group, navigate to the empty field at the bottom of the list of groups and select the appropriate group from the list, then select either "Read" or "Edit" from the second list below:
To add another permission, click "Add Permission."
It is important to know that you can only assign privileges to the groups you are a member of yourself. If you need to assign privileges to a group you do not belong to, please contact DRS staff.
DRS | https://repository.library.northeastern.edu/ | |
Resources | http://dsg.neu.edu/resources/drs | |
Contact | Library-Repository-Team[@]neu.edu |