Manage Users (main-menu)
The tabs that are available for Manage Users option in the main menu are described below.
LDAP
The LDAP tab will only appear when user authentication and authorization is controlled by LDAP or Active Directory in the Gathr configuration options.
Listing Page
The superuser can assign global or custom created roles to the existing LDAP groups as per the requirement.
The information and actions displayed for the listed LDAP groups are explained below:
Global LDAP Groups
The global LDAP groups that are created by the superuser from main menu, cannot be deleted in the workspace listing of LDAP tab.
| Field | Description |
|---|---|
| Add LDAP Roles | The Add LDAP Roles option is given at the top right side of the page. It can be used to add new entries for the LDAP group listings |
| Gathr Role | A drop-down option having list of all the global and custom roles. The desired role for the LDAP group must be selected. Example: Workspace Admin, Data Analyst I, Data Analyst II, Read Only, and so on. |
| LDAP Group | Search or enter the LDAP group(s) name that must be assigned with the selected Gathr Role. |
| Action | Option to remove the role assignment done for any specific LDAP group. |
Once the role assignment for required LDAP groups is done, click on the VALIDATE option to cross-check the LDAP group name and SAVE to register the changes.
Roles
This tab contains the list of the out of box global roles and the custom roles that are created using New Role option.
The out of box Global roles are:
System Admin
Workspace Admin
Data Analyst - I
Data Analyst - II
Read Only
Listing Page
The information and actions displayed on the Roles listing page are explained below:
| Field | Description |
|---|---|
| Roles | Name of the roles that are existing in Gathr. |
| Type | Type of role. Global if created from main menu and Custom if created from the workspace menu. |
| Privileges | The number of privileges that are assigned to the particular role. The assigned privileges can be viewed by clicking on the value displayed. |
| Users | The number of users that are assigned with the particular role. The list of users assigned with the particular role can be viewed by clicking on the value displayed. |
| Actions | Options to edit or delete the listed role(s). Note: The out of box roles cannot be deleted. |
Add Roles
The superuser can create new roles using the Add New Role option given on the top right side of the Roles tab.
The configuration details for creation of a new role are described in the table given below:
New Role
| Field | Description |
|---|---|
| Role Name | Unique name of the new role to be created. |
| Load Privilege by Users | Privilege(s) of the existing user(s) selected will instantly load in the Set Privilege section. For any privilege conflicts, load preference is given to Deny > Allow > Revoke. |
| Load Privilege by Roles | Privilege(s) of the existing role(s) selected will instantly load in the Set Privilege section. For any privilege conflicts, load preference is given to Deny > Allow > Revoke. |
| Description | Optional description can be provided. |
Set Privilege
Select and set the role privilege(s), or instantly load privilege(s) of the existing role(s) and user(s) with configuration options explained above. Possible options to set privileges are:
Revoke: Set by default. User(s) assigned with this role will not be able to perform the revoked action(s).
Allow: User(s) assigned with this role will be able to perform the allowed action(s) unrestricted.
Deny: User(s) assigned with this role will not be able to perform the denied action(s).
Revoke and Allow can be changed to any other privilege as required (by providing direct privilege) when the existing roles are later mapped to user(s). But, Deny privilege(s) strictly remain unchanged.
| Workspace | If the role privileges are customized in the Set Privilege section, then the privilege settings for features: Summary, Audit, Project, Cluster, Register Image and Connections can be done in the Workspace section. |
| Project | If the role privileges are customized in the Set Privilege section, then the privilege settings for features: Template, Models, Register Entities, Instances, Data Validation, Workflow, Version Control, Import Export Entities, Sandbox, Pipeline, Compute Environment, Processor Group, Dataset and Applications can be done in the Project section. |
Once the required privilege assignment is done for the new role, click on the CREATE option to register the role in Gathr.
Users
This tab contains the list of the users that are registered with Gathr.
The options available on this tab will be different for LDAP configured user management. The description clearly states the options that will be only visible when Gathr Metastore configuration is used for user management.
Listing Page
The information and actions displayed on the Users listing page are explained below:
| Field | Description |
|---|---|
| Name | Name of the existing user. |
| Workspace Name | Name of the workspace for which the user is assigned. |
| Email Id | The registered email id of the user. Note: Only applicable for Gathr Metastore configuration. |
| Assigned Roles | Type of role that is assigned to the user. |
| Actions | The actions that can be performed are: l Enable/disable user l Edit user details l Edit assigned privileges l Delete user Note: Only applicable for Gathr Metastore configuration. |
Add Users
The superuser can create new users using the New User option given on the top right side of the Users tab.
The configuration details for creation of a new user are described in the table given below:
New User
The new user configuration section is divided in two parts, namely, Add Roles and Add Users. The configuration options for both parts are explained below.
Add Roles
This is an optional part.
If the new user has to be assigned with any of the existing roles, it is possible to do so with Add Roles option.
| Field | Description |
|---|---|
| Select Roles | Privilege(s) of the role(s) selected will instantly load in the Set Privilege section. For any privilege conflicts, load preference is given to Deny > Allow > Revoke. Deny privilege(s) strictly remain unchanged, whereas any additional privilege changes will appear as ‘Direct Privileges’. |
Set Privilege
Revoke: Set by default. User(s) assigned with this role will not be able to perform the revoked action(s).
Allow: User(s) assigned with this role will be able to perform the allowed action(s) unrestricted.
Deny: User(s) assigned with this role will not be able to perform the denied action(s).
| Workspace | The role privileges for features: Summary, Audit, Project, Register Image and Connections will be visible in the Workspace section. |
| Project | The role privileges for features: Models, Register Entities, Data Validation, Workflow, Version Control, Import Export Entities, Sandbox, Pipeline, Processor Group, Compute Environment, Dataset and Applications will be visible in the Project section. |
Add User
Users selected will get assigned with the privilege(s), if configured in the Add Roles page.
| User Name | Unique name for the new user must be provided. |
| Email Id | Email Id of the new user must be provided. |
| Password | Password for the new user must be provided. |
| Confirm Password | Re-type the password. |
| Language | Choose the language, from English (US) and German (DE). |
| Configure Artifactory | The user can configure artifactory by checkmarking the checkbox. Provide Artifactory URL, Username and Password. |
Once the required configuration is done for the new user, click on the CREATE option to register the user in Gathr.
If you have any feedback on Gathr documentation, please email us!