Chapter 6 User Management
The CWD Data Warehouse uses a distributed model for user management in which each Provider is responsible for managing all user accounts associated with the Provider.
Each Provider can designate one or more Provider Administrators, who have the ability to create and manage user accounts associated with their respective Provider. Provider Administrators are responsible for ensuring that only individuals authorized to access Provider data have user accounts.
6.1 User Roles
Roles grant authenticated users specific privileges, such as permission to view or edit specific data collections, manage users, execute models, or create visualizations.
There are four “base” user roles: Visitor, User, Provider Administrator, and System Administrator. An individual user account can have only one of these roles. The Visitor, User, and Provider Administrator roles are Provider-level roles. A user account with one of these roles is authorized to access resources available only to the Provider.
Some base roles may be given additional privileges, such as permission to create, update, and delete specific data collections. Technically, these additional privileges are also referred to as roles. However, these secondary roles may be granted only to specific base roles and the privileges are cumulative.
The table below describes all CWD Data Warehouse user roles.
Role | Description |
---|---|
Per Provider Roles | |
Visitor | A base role providing read-only access to all non-administrative data |
User | A base role providing read-only access to all Provider data with some access to administrative data like audit logs and data change logs |
Sample editor | Adds privileges to the User role; permission to create/edit sample data |
Sample importer | Adds privileges to the User role; permission to import sample data using the sample data import and normalization process |
Cervid facility editor | Adds privileges to the User role; permission to create/edit cervid facility data |
Processor editor | Adds privileges to the User role; permission to create/edit processor data |
Demography editor | Adds privileges to the User role; permission to create/edit demography data |
Agency expense editor | Adds privileges to the User role; permission to create/edit agency expense data |
Annual surveillance editor | Adds privileges to the User role; permission to create/edit annual surveillance data |
Test alignment editor | Adds privileges to the User role; permission to create/edit test alignment data |
Provider Administrative Roles | |
Provider administrator | Full access to the Provider account including Provider configuration; create/edit/delete all Provider data, models, and visualizations; and create/edit/delete Provider users |
System Administrative Roles | |
System administrator | Can administer the entire system |
Special roles | |
Provider representative | Adds privileges to the User or Provider administrator role, granting permission to approve the Data Use Agreement |
Test alignment integration | Can create/read test alignment data only |
Disabled | Disables access to the system |
6.1.1 System Administrators
The System Administrator role is granted only to individuals who require system-wide access to perform their responsibilities, such as creating and managing Providers and developing, deploying, and managing new resource types (for example, new data collections, models, and visualizations). The System Administrator role is granted only to individuals employed by or contracting with Cornell University, all of whom must strictly comply with the Data Use Agreement and adhere to the Data Security Plan.
6.1.2 Provider Administrators
The Provider Administrator role grants a variety of privileges related to the management of users and data. These include the following:
6.1.2.1 Manage Provider Users
The Provider Administrator has permissions to create, edit, and disable/delete users. The Provider Administrator also has the ability to assign and remove any Provider level role, including the creation of other Provider Administrators.
6.1.2.2 Configure the Provider
The Provider Administrator can access the Provider Administration Interface, which provides access to settings for data collection features which can be customized per Provider.
6.1.2.3 Manage all data collections
The Provider Administrator has full privileges to create, view, edit, and delete all data collections.
6.1.2.4 Access Confidential Data
It may be necessary to prevent access to some Sample records for a number of reasons, such as quality control issues or sensitive data. These records may be marked as “Confidential” by the Provider Administrator and will be accessible only to users with the Provider Administrator role. As described in the Sample Collection documentation, confidential samples are also excluded from all Model executions and Visualizations.
6.1.2.5 Access all logs
The CWD Data Warehouse Audit Log records events that occur in the Warehouse, including changes to users and data. These log entries are available in the Administrative section in the Main Menu.
If a Provider chooses to use the Sample Normalization feature, the Provider Administrator will also see the Import log which documents the results of executed Sample data imports.
6.1.3 Provider Users
The User role was created with Provider staff in mind. The base User role provides read-only access to all Provider data collections and access to Visualizations shared by a Provider Administrator. A User may be given additional privileges to allow for data creation, editing, and management. These additional privileges are granted per data collection to allow for fine control of user privileges.
It is recommended that Provider Administrators follow the principle of least privilege (POLP), which means that users should be granted only the minimum privileges necessary for their information needs or to accomplish tasks for which they are responsible.
6.1.4 Provider Representatives
The Provider Representative is a special role created to allow Providers to digitally sign or authorize the Data Use Agreement. This role can be assigned to either a Provider User or to a Provider Administrator. See the Initial Provider Setup section below for more information on the purpose and function of this role.
6.1.5 Test alignment integration
Test alignment integration is a special role that allows the associated user account to create and read test alignment data. This role can be used by a Provider to allow a diagnostic laboratory or other service to push CWD test result data directly to the CWD Data Warehouse using a user account with an associated API key.
6.2 User Account Properties
Each user account must have a unique email address. The email address is the unique identifier for an account and is the only required field. In addition, a user account has the following descriptive properties:
- first name
- last name
- title
- organization name
- organization address
- roles
- API key
The additional properties are not required, but may be useful for user and user role management.
6.3 API as the User
The user account includes a property called API Key. A Provider Administrator may assign an API key to a user account by clicking the Generate API Key button. The CWD Data Warehouse API is discussed in the API section.
If API functionality is required, it is recommended that separate user accounts are created specifically for those API Keys. User accounts with API Keys should be used only for the API and should not be used by logging in through the user interface.
When creating an account for an API Key, the Password should be left blank and the “Send password set/reset email” check box should not be checked. The API Key may be cleared by pressing the Clear API button.
The role(s) assigned to the API Key user account determine the privileges that will be allowed for that API Key. For instance, to create, update, or delete Sample collection data, the role assigned to the API Key user account must have at least the necessary privileges to create, update, or delete Samples.
Providers may generate multiple API Keys (one per user account) in order to appropriately manage and limit access.
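The role rules in section 6.1 and the API Key guidance above can be checked mechanically during a periodic account review. The following is an added example, not part of the CWD Data Warehouse or its API: the record fields (`email`, `roles`, `api_key`, `has_password`) and the sample accounts are constructed for illustration, and the Provider Administrator API Key check is an added least-privilege heuristic rather than a rule stated in this chapter.

```python
# Added example: role rules transcribed from the table in 6.1 and the API Key
# guidance in 6.3. Record fields are hypothetical, not a Warehouse export format.
BASE_ROLES = {"Visitor", "User", "Provider administrator", "System administrator"}

# Add-on role -> base roles the table says it may extend.
ADDON_BASES = {name: {"User"} for name in (
    "Sample editor", "Sample importer", "Cervid facility editor",
    "Processor editor", "Demography editor", "Agency expense editor",
    "Annual surveillance editor", "Test alignment editor")}
ADDON_BASES["Provider representative"] = {"User", "Provider administrator"}


def audit_account(account):
    """Return a list of findings for one account record (a dict)."""
    findings = []
    roles = set(account["roles"])
    bases = roles & BASE_ROLES
    if len(bases) > 1:  # 6.1: an account can have only one base role
        findings.append("multiple base roles: " + ", ".join(sorted(bases)))
    for addon in sorted(roles & set(ADDON_BASES)):
        allowed = ADDON_BASES[addon]
        if not bases & allowed:  # add-on attached to a base role it cannot extend
            findings.append(f"{addon} requires base role " + " or ".join(sorted(allowed)))
    if account.get("api_key") and account.get("has_password"):
        findings.append("API Key account also has a password set")
    # Added heuristic (assumption): flag the broadest Provider role on an API Key.
    if account.get("api_key") and "Provider administrator" in roles:
        findings.append("API Key carries Provider administrator privileges")
    return findings


def audit(accounts):
    """Map email -> findings, omitting accounts with no findings."""
    return {a["email"]: f for a in accounts if (f := audit_account(a))}


# Constructed sample accounts (not real data).
SAMPLE = [
    {"email": "lab-push@example.org", "roles": ["Test alignment integration"],
     "api_key": True, "has_password": False},
    {"email": "editor@example.org", "roles": ["Visitor", "Sample editor"]},
    {"email": "both@example.org", "roles": ["User", "Provider administrator"]},
    {"email": "api-admin@example.org", "roles": ["Provider administrator"],
     "api_key": True, "has_password": True},
    {"email": "rep@example.org",
     "roles": ["User", "Provider representative", "Sample importer"]},
]

if __name__ == "__main__":
    for email, found in audit(SAMPLE).items():
        print(email, "->", "; ".join(found))
```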
6.4 Provider Setup
A Provider and its users are not permitted to access or use the CWD Data Warehouse prior to the approval of the Data Use Agreement by the Provider. The Data Use Agreement is approved by a Provider Representative directly in the CWD Data Warehouse through the process described below.
The first step in the initialization of a new Provider is the creation of a user with the Provider Representative role (a User or Provider Administrator with the Provider Representative role). This task can be completed only by a System Administrator.
The Provider must provide the System Administrator with the following details for the Provider Representative:
- full name
- title
- email
- organization name
- organization address
The System Administrator will create a user account with the above information. The Provider Representative will be sent a system-generated email with a link to complete the setup of their account by setting a password.
After completing the account setup process, the Provider Representative, upon visiting the CWD Data Warehouse site, will be directed to a page requesting approval of the Data Use Agreement.
Following approval of the Data Use Agreement, Provider Administrator accounts created by System Administrators will become active. Additional accounts may be set up for other Provider users by the initial Provider Administrator. A System Administrator may, upon request, assist in setting up additional Provider user accounts.
6.5 Setting up new users
To create a new user account, the Provider Administrator should select the Users button in the Navigation bar. The Users list for the Provider will be displayed. The Provider Administrator may then click the Create button to create a new user.
6.6 Disabling or deleting accounts
Provider Administrators have privileges to disable or delete accounts. Both disabling and deleting accounts have the same effect: the user is prevented from accessing the Warehouse. Therefore, it may be desirable to simply disable rather than delete an account. This decision will be based on a Provider’s user management policies.