These chapters indicate some of the main areas that can require developer interaction. For end user documentation, please see the document created by Sigita.
The idea of EventR is to be the leading eventr calendar of all our community. To make this possible, we can allow external users access to manage their own events using EventR. Since we use federated authentication, this is a relatively easy process.

Requesting Access

  • To request access a user visits: https://eventr.geant.org/request_access
  • This redirects them to our SPP page where they sign in using one of the federated options.
  • After successful sign in, the user has to select which organisation they represent. This list is populated from the nrens table (see db/schema.rb). For an example of how to populate this data from a csv file see the rake job: lib/tasks/import_nrens.rake. If a user can't find their organsation in the list, simply add it to the nrens table.
  • Hitting submit will send an email to sysadmin@terena.org with the subject "New user request for EventR"
  • This email contains all the details to add the user to the production database, eg:

    • User: someone.other@renater.fr (tal_id: xxx)

      User.find(xxx).update(roles: ["member"])
  • Double check the tal_id with the details of the users email address to make sure that person actually is who they claim to be. You can do this by signing in to the SPP backend and doing a simply db lookup on tal_id. To do so:
        1. SSH to login.terena.org
        2. Connect to db:  sudo -u postgres psql
        3. (Optional): "\l" lists all databases
        4. Connect to account_linker_dev1: "\connect account_linker_dev1;"
        5. (Optional): "\d" describes the database (account_linker_dev1)
        6. run this query: select * from vw_attributes_new where user_id=1398; ### this is the user_id we receive by email when a user requests access
  • If you are in doubt if the user really needs to have permission check with someone who might know this person, or the partner relations team if they really need access.
  • SSH to the EventR production server (eventr-prod.geant.org) and:
    • sudo su - eventr
    • cd /var/www/eventr-prod
    • RAILS_ENV=production rails c
  • In the RAILS console, perform the query in the email, so: User.find(xxx).update(roles: ["member"])
  • After you add the user, make sure to send them a personalized email welcoming them to EventR and thanking them for helping us make the tool even better. It's all about the users, so we should be as forthcoming as possible as they are helping us to increase the quality of the data we have in EventR.


Permissions


EventR has four levels of permissions:

  • guest
  • member
  • groupadmin
  • admin

See app/models/permission.rb for what users in those groups are allowed to do.

A user has a role (required) and can belong to a group. (See db/schema.rb)

The basic premise is that a user can belong to a group which can be managed by a group admin. Users within this group have 'sandboxed' events and a group admin can manage the events only within that group. 

So far the only groups that exist are "TERENA GEANT" but this can easily be extended to more by editing the GROUPS constant in app/models/user.rb

Reporting


Reports are automatically generated and are available to everyone within the GEANT group.So if you hear "WHAT REPORTS?": User.find_by(tal_id: xxx).update(group: "GEANT") Note that these reports will be migrated to the Insight Portal.




  • No labels