Managing Permissions
Permissions in JMap are divided into two families: permissions for the users of applications (Pro, Web, NG and Survey) and permissions for the administrators (JMap Admin).
User permissions
User permissions determine what the users can do inside JMap Pro, JMap Web, and JMap Survey applications.
The following table presents the different permission groups that are available for the users.
User permissions
Permissions on projects
See section Project Permissions for more information.
Permissions on layers
See section Layer Permissions for more information.
Permissions on personal layers
Create personal layers This permission gives a user the right to create personal layers in JMap Pro applications. By default, JMap users are not allowed to create personal layers. You can configure this permission in subsection Permissions of the JMap Server section.
Permissions on forms
See section Database Forms for more information.
Administrator permissions
Administrator permissions determine what JMap administrators are authorized to do in JMap Admin. Some permissions are global (permissions to do some tasks) while other permissions apply to specific resources.
Several of the global permissions are configured in the Permissions subsection of the JMap Server section.
The following table describes the global administration permissions.
Global administration permissions
Access JMap Admin
This permission is required for an administrator to access JMap Admin.
After the installation of JMap, only the administrator user has this permission.
Note that the password is initially left empty for this user. It is strongly recommended to enter a password for the administrator user. See section Managing User Accounts and Groups for more information on modifying passwords. Also make sure to leave at least one user with this permission and with a known password. Otherwise, it will be impossible to access JMap Admin.
Create database
This permission is required for an administrator to create new databases in JMap Admin.
Create remote connection
This permission is required for an administrator to create new connections to remote JMap Server instances in JMap Admin.
Create deployment
This permission is required for an administrator to create new application deployments in JMap Admin.
Create metadata templates
This permission is required for an administrator to create new metadata templates in JMap Admin.
Create style templates
This permission is required for an administrator to create new style templates in JMap Admin.
Create project
This permission is required for an administrator to create new projects in JMap Admin.
Create data source
This permission is required for an administrator to create new spatial data sources in JMap Admin.
Administration permissions that are specific to resources determine what an administrator can do with each resource. The following table describes those permissions.
Resource specific administration permissions
Access …
The administrator can view the detailed information of a resource and use the resource, but cannot modify it.
Example: To use a spatial data source in order to create a layer, the administrator must at least have the Access permission on the data source.
Administrate …
Allows the administrator to modify the resource and manage the user permissions for the resource. Does not allow the administrator to delete the resource or manage its administration permissions.
Example: To add a layer in a project, the administrator must have the Administrate permission for the project.
Use SQL console
(Applies only to databases) Allows the administrator to use the SQL console on the database. The SQL console is used to show the database structure and to execute SQL queries on the database.
Remote access
Allows the administrator to access the resource from another instance of JMap Server. This permission is generally granted to a generic account used to open communication sessions between different instances of JMap Server. For more information, see sections Sharing Layers and Sharing Spatial Data Sources.
Owners of a resource
Most resources managed in JMap Admin have one or more owners. Owners of a resource are the only ones that are allowed to:
manage administration permissions for the resource;
manage the list of owners for the resource;
delete the resource.
Super administrators
Super administrators are special accounts that can do everything in JMap Admin. They are the only ones who are allowed to:
manage the list of super administrators;
manage global administration permissions;
manage users and groups;
modify JMap Server’s working parameters;
display the log files;
import and export configurations.
You can manage the list of super administrators from subsection Permissions in section JMap Server. Select the Super administrators tab.
The following table presents administration tasks with examples, and indicates which profile or permission is required to perform each task.
Tasks
Super Administrator
Administrator
Access JMap Admin
YES
If permission Access JMap Admin
Manage the list of Super administrators
YES
NO
Manage global administration permissions • Give an administrator permission to create projects • Remove an administrator’s permission to create spatial data sources • Give an administrator permission to create metadata templates for layers.
YES
NO
Perform management tasks for JMap Server • Modify JMap Server’s working parameters (ports, memory, etc.) • Manage users and groups •Import and export JMap Server configurations • View log files or modify their settings
YES
NO Can change user account password
Create a resource • Create a project • Create a database • Create an application deployment
YES
If permission Create …
Use a resource • Use a database to create a spatial data source • Use a data source to create a layer • Use a connection to JMap Server to create a layer by reference
YES
If permission Access …
View detailed information about a resource • Click on a database and view all of its parameters • Click on a project to view all of its parameters
YES
If permission Access …
Modify a resource • Change the name of a project • Add a layer in a project • Modify the connection parameters for a database • Modify the projection of a spatial data source
YES
If permission Administrate …
Delete a resource • Delete a project • Delete an application deployment • Delete a style template
YES
If owner of the resource
Manage user permissions of a resource • Give a user permission to open a project • Give a user permission to edit the elements of a project layer • Remove a user’s permission to copy the data of a project layer
YES
If permission Administrate
Manage the administrator permissions of a resource • Give an administrator permission to use a spatial data source • Give an administrator permission to modify a project • Remove an administrator’s permission to modify a database
YES
If owner of the resource
Manage the list of owners of a resource
YES
If owner of the resource
Permission reports
Permission reports allow you to view all the permissions that a user or a group has on a single report. A permission report is a convenient way to get the information without checking every resource. The reports are accessible from the Users and Groups tabs in the Users / Groups section, by clicking on .
Dernière mise à jour