I believe that the IPT ADMIN/MANAGER level control is now resolved with the proposed functionality of "a) The preference would be to allow the ADMIN to provide Registration privileges to individual MANAGERS ".

When a node manager endorses an institution can decide within the IPT installation a configuration model giving the institutional data provider the top Admin privileges or the Manager privileges with or without Registration privilege.
However, in my opinion the hole idea of endorsement of an institution with it’s own provider means actually that  subsequent datasets to be automatically detected and harvested, without the Node manager intervention for each of them.

These user rights endorsements are much more powerful implemented at the registry level, of course. But in this case where is going to be maintained all these users and their rights: centrally, within the registry or at the Node manager/IPT level or both places like it looks it will be the case now? It is no doubt for me that the user rights implementation at the registry level is much more powerful but the maintenance of all of the subsequent users can be an overkill and has to be taken into account for the registry development.

Mihail

On 9/15/10 13:37 PM, "Tim Robertson (GBIF)" <trobertson@gbif.org> wrote:

I missed this one in my previous response,

This relates to the endorsement model employed in GBIF.  Currently a Node is required to endorse an Institution, after which any resources made available through that institution are automatically picked up and indexed in the global portal.

This discussion actually goes beyond the scope of the IPT, and into the Registry as Dag and Hannu hint at.  For the purposes of the IPT, I believe the proposed functionality of "a) The preference would be to allow the ADMIN to provide Registration privileges to individual MANAGERS " would satisfy the level of control needed in an IPT installation, but that we need to consider the cascading endorsement model further in the registry - e.g. when a node manager endorses an Institution, should subsequent datasets be automatically detected and harvested, or should a Node manager be offered that fine grained control.

If my understanding above captures this correctly, could I please propose that the IPT ADMIN/MANAGER level control is resolved, but this requirement be captured for the Registry development?  Your advice on this is greatly appreciated!

Thanks,
Tim




On Sep 15, 2010, at 11:47 AM, Hannu Saarenmaa wrote:

Both of these suggestions will probably work fine. But controlling things at the registry as Dag suggest might be more powerful.  I just want to be able to check in advance what resources gets listed on Data Portal for our institution.  Blocking publishing at IPT may not achieve this, if there are multiple servers, like there is.

Hannu

On 2010-09-15 10:56, Dag Terje Filip Endresen wrote:
Hi Tim and Hannu,

Would it be useful to register this setting for the data provider to the GBRDS - so that the NODE can set a "default" permission that will allow the data provider to install an independent IPT instance to publish from if they wish to. So that the data hosting center can host datasets from distributed data providers that themselves may want to "upgrade" to have their own IPT later on. The NODE admin could thus get an overview of resources endorsed by the NODE from the GBRDS...?

Cheers
Dag


From: Tim Robertson (GBIF) [mailto:trobertson@gbif.org]
To: ipt@lists.gbif.org
Sent: Wed, 15 Sep 2010 09:43:28 +0200
Subject: [IPT] Functionality request: ADMIN checking data before GBIF registration

Hi all,

Hannu has raised a request for the following to be satisfied by the IPT:
"- Publishing a resource must be accepted by the owner of the
provider. It has happened that a test user publishes something odd
which goes all the way to the data portal without nobody controlling
it."

This is a contradiction to the requests of others, and specifically
those wishing to promote basic "data hosting centers", who request
that a data MANAGER should be able to work autonomously.

After discussion with the developers the proposal is to implement the
following, which we hope satisfies both requirements:
In the Administration section, an ADMIN can choose to enable or
disable the ability for MANAGERS to register resources with GBIF. By
default MANAGERS can register a resource, but an ADMIN can disable
this through this check box.

If anyone has any concerns or comments on this approach, please can
you raise them on this list?

Many thanks,
Tim






_______________________________________________
IPT mailing list
IPT@lists.gbif.org
http://lists.gbif.org/mailman/listinfo/ipt

_______________________________________________
IPT mailing list
IPT@lists.gbif.org
http://lists.gbif.org/mailman/listinfo/ipt