Services
Account Services
Subscribe to receive notifications if you want to stay updated about events in this site.
The Eionet password expires two years after it was last changed.
Security Principles
Several types of user roles are foreseen:
- Anonymous visitor
- The visitor can browse released reports and download those files that have unlimited access.
- Reporter
- A reporter, who creates the actual reports. A reporter can release an envelope to the public. The public must be confident that they are not downloading an incomplete report, so a release/-revocation is logged in the activity log. The reporter is responsible for identifying files with limited access before releasing the envelope. Once a report is released, it is no longer possible to upload files. If a mistake is found then the release-status can be revoked.
- Client
- Clients can see documents where the access is limited - but only in released envelopes.
- Auditor
- The auditor can view unreleased envelopes.
- Manager
- And then there still is the Zope Manager, who can fix everything if/when the security paradigme doesn't cut it.
A user can be one, more or all of these roles at the same time.
Additionally, a user can only delete objects he himself have created. And in the case of files, only if the envelope is not released.
Permissions
There are six permissions:
Add Collections, which is given to the collection administrator
Change Collections, which is given to "owner". Thereby the collection administrator can only modify the collections he has created.
Add Envelopes, which is given to the "reporter". This allows people to create envelopes. If you have the right to create an envelope you also have the right to add files into it. If there are certain parts of the hierarchy that a reporter should be restricted to, then give him the permission as a local role, or create a user folder on that level.
Change Envelopes. Give this permission to "owner" to let a "reporter" fill his own envelopes or give the permission to "reporter" to let all reporters modify all envelopes.
Delete Objects. Typically give this permission to "owner" and mayby "release-coordinator" or "collection administrator".
Release Envelopes. Can be given to "owner", "reporter" or some other class of users.