Managing Permissions

Permissions in JMap are divided into two families: permissions for the users of applications (Pro, Web, NG and Survey) and permissions for the administrators (JMap Admin).

User permissions

User permissions determine what the users can do inside JMap Pro, JMap Web, and JMap Survey applications.

The following table presents the different permission groups that are available for the users.

User permissions

Permissions on projects

See section for more information.

Permissions on layers

See section for more information.

Permissions on personal layers

Create personal layers This permission gives a user the right to create personal layers in JMap Pro applications. By default, JMap users are not allowed to create personal layers. You can configure this permission in subsection Permissions of the JMap Server section.

Permissions on forms

See section for more information.

Administrator permissions

Administrator permissions determine what JMap administrators are authorized to do in JMap Admin. Some permissions are global (permissions to do some tasks) while other permissions apply to specific resources.

Several of the global permissions are configured in the Permissions subsection of the JMap Server section.

The following table describes the global administration permissions.

Global administration permissions

Access JMap Admin

This permission is required for an administrator to access JMap Admin.

After the installation of JMap, only the administrator user has this permission.

Note that the password is initially left empty for this user. It is strongly recommended to enter a password for the administrator user. See section for more information on modifying passwords. Also make sure to leave at least one user with this permission and with a known password. Otherwise, it will be impossible to access JMap Admin.

Create database

This permission is required for an administrator to create new databases in JMap Admin.

Create remote connection

This permission is required for an administrator to create new connections to remote JMap Server instances in JMap Admin.

Create deployment

This permission is required for an administrator to create new application deployments in JMap Admin.

Create metadata templates

This permission is required for an administrator to create new metadata templates in JMap Admin.

Create style templates

This permission is required for an administrator to create new style templates in JMap Admin.

Create project

This permission is required for an administrator to create new projects in JMap Admin.

Create data source

This permission is required for an administrator to create new spatial data sources in JMap Admin.

Administration permissions that are specific to resources determine what an administrator can do with each resource. The following table describes those permissions.

Resource specific administration permissions

Access …

The administrator can view the detailed information of a resource and use the resource, but cannot modify it.

Example: To use a spatial data source in order to create a layer, the administrator must at least have the Access permission on the data source.

Administrate …

Allows the administrator to modify the resource and manage the user permissions for the resource. Does not allow the administrator to delete the resource or manage its administration permissions.

Example: To add a layer in a project, the administrator must have the Administrate permission for the project.

Use SQL console

(Applies only to databases) Allows the administrator to use the SQL console on the database. The SQL console is used to show the database structure and to execute SQL queries on the database.

Remote access

Allows the administrator to access the resource from another instance of JMap Server. This permission is generally granted to a generic account used to open communication sessions between different instances of JMap Server. For more information, see sections and .

Owners of a resource

Most resources managed in JMap Admin have one or more owners. Owners of a resource are the only ones that are allowed to:

manage administration permissions for the resource;
manage the list of owners for the resource;
delete the resource.

Super administrators

Super administrators are special accounts that can do everything in JMap Admin. They are the only ones who are allowed to:

manage the list of super administrators;
manage global administration permissions;
manage users and groups;
modify JMap Server’s working parameters;
display the log files;
import and export configurations.

You can manage the list of super administrators from subsection Permissions in section JMap Server. Select the Super administrators tab.

The following table presents administration tasks with examples, and indicates which profile or permission is required to perform each task.

Tasks

Super Administrator

Administrator

Access JMap Admin

YES

If permission Access JMap Admin

Manage the list of Super administrators

YES

Manage global administration permissions • Give an administrator permission to create projects • Remove an administrator’s permission to create spatial data sources • Give an administrator permission to create metadata templates for layers.

YES

Perform management tasks for JMap Server • Modify JMap Server’s working parameters (ports, memory, etc.) • Manage users and groups •Import and export JMap Server configurations • View log files or modify their settings

YES

NO Can change user account password

Create a resource • Create a project • Create a database • Create an application deployment

YES

If permission Create …

Use a resource • Use a database to create a spatial data source • Use a data source to create a layer • Use a connection to JMap Server to create a layer by reference

YES

If permission Access …

View detailed information about a resource • Click on a database and view all of its parameters • Click on a project to view all of its parameters

YES

If permission Access …

Modify a resource • Change the name of a project • Add a layer in a project • Modify the connection parameters for a database • Modify the projection of a spatial data source

YES

If permission Administrate …

Delete a resource • Delete a project • Delete an application deployment • Delete a style template

YES

If owner of the resource

Manage user permissions of a resource • Give a user permission to open a project • Give a user permission to edit the elements of a project layer • Remove a user’s permission to copy the data of a project layer

YES

If permission Administrate

Manage the administrator permissions of a resource • Give an administrator permission to use a spatial data source • Give an administrator permission to modify a project • Remove an administrator’s permission to modify a database

YES

If owner of the resource

Manage the list of owners of a resource

YES

If owner of the resource

Permission reports

Permission reports allow you to view all the permissions that a user or a group has on a single report. A permission report is a convenient way to get the information without checking every resource. The reports are accessible from the Users and Groups tabs in the Users / Groups section, by clicking on .

PrécédentSingle Sign-On for JMap Pro SuivantManaging Sessions

Dernière mise à jour il y a 2 ans