.. _teams: Teams and Authorization ======================= Permissions to view and edit content on the Grafana installation at ctrend.xfel.eu are controlled through a combination of so-called `teams` and `folders`: :Folders: folders group dashboards and panels into areas of similar contents. Folders exist e.g. for each instrument, or for general topics such as detectors, photon diagnostics, or vacuum. Multiple XFEL groups may be responsible for curating the content of a folder. :Teams: a team is a group of users which should have the same minimum access level to a `Folder`. Hence, teams are assigned to `Folders` with e.g. view-only, or editor access. A given user can be member of multiple teams, and multiple teams may be authorized to access a folder. For the ctrend.xfel.eu installation teams generally map to the folder structure: there are at least two teams configured to access each folder: :View-only teams: users in these teams can view the content, i.e. the dashboards and contents of a folder. They cannot edit existing dashboards, nor can they create new ones. Modification of dates and times to be accessed is possible, but cannot be persisted. Data can be exported, e.g. to CSV. :Editor teams: users in these teams can view the content, i.e. the dashboards and contents of a folder. In addition, they can create new dashboards and panels within the folder the team is assigned to, change date and times a dashboard or panel shows, and also persist this change as the default view. Users can modify existing dashboards and panels, and edit e.g. graphing option. Data can be exported, e.g. to CSV. .. note:: Teams do not strictly relate to XFEL groups: a SPB scientist wanting to view a panel in the MID folder would be added to the MID view-only team to do so. .. note:: Privileges on folders are assigned to Teams by CTRL, and team editors cannot change them. However, the association of Teams to Folders is not expected to change frequently. Users should be added to a team already assigned to a given folder, rather than assigning a new team, and thus many users to that folder. .. table:: Folders at ctrend.xfel.eu and team access to them. View-only teams always have the suffix `-view-only`, even if not indicated in the table. SUPPORT contains alls teams from the DATA and instrumentation departments. ALL contains all teams. ==================== =================================== =================================== Folder View-only teams Editor teams ==================== =================================== =================================== FXE FXE-view-only, SUPPORT FXE, CTRL SPB SPB-view-only, SUPPORT SPB, CTRL MID MID-view-only, SUPPORT MID, CTRL HED HED-view-only, SUPPORT HED, CTRL SCS SCS-view-only, SUPPORT SCS, CTRL SQS SQS-view-only, SUPPORT SQS, CTRL SASE1 ALL VAC, XPD, BKR, CTRL, EEE, XRO SASE2 ALL VAC, XPD, BKR, CTRL, EEE, XRO SASE3 ALL VAC, XPD, BKR, CTRL, EEE, XRO Beckhoff SUPPORT EEE, CTRL Calibration SUPPORT DET, DA, CAL, CTRL Cameras SUPPORT DET, DA, CAL, CTRL DAQ SUPPORT ITDM, CTRL Data Analysis SUPPORT DA, CTRL Detectors SUPPORT DET, CTRL Lasers SUPPORT LAS, EEE, CTRL Photon Diagnostics SUPPORT XPD, CTRL Timing SUPPORT EEE, CTRL Vacuum SUPPORT VAC, CTRL X-ray operations ALL? XO, CTRL ==================== =================================== =================================== .. _team_admin_intro: Team Administration ------------------- For each team at least one priviledged user exists, who can administer the team through the ctrend.xfel.eu interface. Specifically, this user can add new members to the team. Usually, the priviledged users will be the same for both the view-only and editor teams of a given folder. .. note:: Staff wishing to view the content of a folder should contact these priviledged users to be granted access. Please see the table below, for who administers which folder. .. table:: Folders at ctrend.xfel.eu and corresponding priviledged users. ==================== =================================== =================================== Folder View-only team Editor team ==================== =================================== =================================== FXE SPB MID HED SCS SQS SASE1 SASE2 SASE3 Beckhoff S. Hauf -------------------- ----------------------------------------------------------------------- Calibration Cameras S. Hauf -------------------- ----------------------------------------------------------------------- DAQ Data Analysis Detectors Lasers Photon Diagnostics Timing S. Hauf -------------------- ----------------------------------------------------------------------- Vacuum Xray-Operations ==================== =================================== =================================== If you are a priviledged user see :ref:`team_admin` for how to add users to a team. Support Group Teams ------------------- Staff from the DATA and instrumentation department groups will be placed into teams named after their groups. These teams are administratored by priviledged users from the group and should only contain members from the group. These teams will be authorized to minimally view, and in case of need, edit all folders, such as to provide efficient support.