On Wed, Jun 1, 2011 at 3:34 PM, Nate Coraor <n...@bx.psu.edu> wrote: > Jean-Baptiste Denis wrote:
>> My goal is to delagate the management of library/datasets to a galaxy >> admin of each team from the beginning : i do NOT want a SINGLE >> independant super admin to manage the access for multiple team, it >> doesn't scale. > > Okay, you are correct, then, in needing to do this in seperate > instances. We'd like for this to eventually become a role instead of > superuser privelege, but I don't know when it'll be implemented. This may not work for you but this is how we approach this problem - create a separate library folder at the top of the library hierarchy for each separate team; require the team role for access to that library; assign all the admin privs for all subfolders and data sets to a user in that team to manage all the material within that team's library and to take responsibility to ensure that every item requires that team's role for access. Every member of a team has to have the team role and every data set for the team must have that permission. I'm pretty sure this is possible if a little tedious to set up but users would not be able to see anything in a library they didn't have permission to see and each separate group's admin would only be able to administer things at or below their group's top level folder - but not in folders for which they did not have administrative permissions. This avoids all the problems with multiple separate instances but will require some careful administration - which each team would be responsible for. The Galaxy admin of the single instance can always see all libraries and contents - and if that's a problem for your users, please don't tell them that the root user of any unix filesystem (your system administrator) already has access to everything!! ___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/
