When adding users to LUNA, it's important to think about all the different access options you have. Perhaps you'd like Isabelle to be able to edit records from one collection but not another. Or let Pam export images at the highest resolution from the LUNA Viewer but not have access to the LUNA Collection Manager. This is all possible with credentials and access permissions.
Once a credential is assigned to the user, they should have the correct permissions and access levels to collections and the Independent Media Items. If they can't view a collection, edit records, etc. chances are there's a setting that needs to be fixed in the credential or access permission.
In a nutshell:
- A user is assigned a credential.
- A credential includes settings for: export; My Uploads; create or delete templates; create or delete collections; administrator access; and lists associated access permissions.
- Access Permissions detail what level of access a user can have to a specific collection. For every collection you want a user to access they must be given an access permission for that collection.
Adding & Editing Users
The list of users is found in the Users tab. This list will display both active and non active users. Each user is assigned a User ID. You can quickly see which credential is assigned to that user, as well as their name, email address and the authentication method they are using. Use the search box to search for a specific user. Click on a user to select them, you can then edit the user's settings. You can also easily select or deselect all.
If you select more than one user, the only settings you can edit will be what credential they are assigned to and whether or not they are active. Simply click on "Create new user" to add a new user.
Note: Only a Super Admin can create or edit passwords for a user. However, if you are not a Super Admin but still need to add a user account with a username and password there are 2 options:
If you're using a 3rd party authentication system like LDAP you don't have to worry about the account creation.
Registering with LUNA Viewer
The LUNA Viewer includes a "Register" feature. This can be enabled during installation by checking a box. If registration is turned off you will not see the "Register" link next to Login in the LUNA Viewer. The most common reason to have registration turned of is because you want to keep your collections private and create users yourself or you want to use authentication like LDAP, Shibboleth, or let the users IP address assign access.
This is the simplest way for users to register an account. If registering this way, the user will be assigned the "Anonymous User" credential. Typically (and by default) this credential will only include access to collections in the LUNA Viewer.
Since your audience accessing the LUNA Viewer could be very large you don't want to have to add these users yourself, so let them register for an account and the "Anonymous User" credential will automatically apply to them.
For granting access to the other LUNA tools you'll most likely want to be a Super Admin and register users via the LUNA Administrator. This process involves assigning credentials and access permissions.
Granting Access with Credentials and Access Permissions
The first step in granting access to a user is to create that user in the Users tab.
The second step is to assign a credential to that user. Once a credential is assigned to the user, they should have the right permissions and access levels to collections and the Independent Media Items. If they are missing access to something, chances are there's a setting that needs to be fixed in Credentials or Access Permissions.