SBEAMS Security Model

There are 6 levels of privilege:

privilege_id name               comment
------------ ------------------ ---------------------------------------------- 
10           administrator      Has full rights to nearly everything
20           data_modifier      Is allowed to modify anyone else's records
25           data_groupmodifier Is allowed to modify records written with
                                the current work group
30           data_writer        Is only allowed to insert new records
40           data_reader        Is only allowed to read records
50           none               Has no privilege over a given object

Each user may belong to zero or more work groups. The user may have one of the 6 levels of privilege within that group. A user may select what group he or she is working under and permissions are calculated based on that group.

Every table belongs to a table group.

Every work group has certain privileges (one of the above 6) over one or more table groups.

A new record is written with a created_by and modified_by field which is filled with the user creating the record. The new record also has a field for the current work group that the user was using when the record was written.

A user may always modify a record for which the modified_by field is himself.

Provided the user's current work group has similar sufficient privilege, a user may modify a record only if he has privilege level data_modifier or better. Or, if he has data_groupmodifier privilege, he may modify the record if the current work group of the user matches the owner group of the record.

An individual record may have either Normal, Locked, Modifyable status. A Locked record may be changed by no one but the modified_by user regardless of other privileges. A Modifyable record may be modified by anyone who has write privileges to that table. A Normal record follows all the rules previously laid out.

This system is fairly complex, but should serve current and future security needs. The most likely "gotcha" of the system is users who belong to more than one group working under the "wrong" group. The will cause permission denied errors, and will write records as the "wrong" group. There is presently no facility in the interface to change the group ownership of a record. It is therefore important that users watch their current group at the top:

  Current Login: edeutsch (2)   Current Group: Array_user (6)   Current Project: [none] (0)   [CHANGE]

Current groups:

work_group_name    comment
------------------ ----------------------------------------------------------- 
Admin              Administrators with nearly full privilege
Other              Default group with almost no privilege
ISB                Unused
Arrays             Fairly powerful group over most Microarray tables
IT                 IT department with no special privileges
Array_user         Standard microarray user.  Has some access to some tables