- BCMS and organization access
BCMS and organization access
Sign up and login
Relevant issue #221 (closed)
For MyNCBI implementation, we will NOT use BCMS login page at all. Note that MyNCBI does not have an option to enter first/last name when registering for a new account, so we will prompt for that information in BCMS.
Workflow for MyNCBI login implemented:
- User attempts to go to any BCMS page, ex. BCMS dashboard
- User is not signed in -> User is redirected to MyNCBI login page automatically.
- User either signs in to MyNCBI or registers a new account following an existing MyNCBI flow.
- Upon successful MyNCBI login, a user is redirected back to BCMS and MyNCBI provides the following user information:
- BCMS checks if a user record with this UserId exists already:
- If exists: user is directed to the originally requested BCMS page
- If a user doesn't exist:
- A user is directed to the modified BCMS "Sign up" page to enter their first / last name.
- A new user record is created in BCMS and a user is directed to the BCMS dashboard.
Manual request for Sys admin and PDF2XML vendor access
There is a very limited amount of users with these roles. After these users have signed up --> notify the NCBI super admin to apply the required role.
- User lets super admin know he has signed up
- Super admin goes to 'All users' page and searches for the user
- Super admin clicks on user and applies role: Sys admin or PDF2XML vendor.
Invite Org admins
Sys admins invite Org admins at the time of setting up the Organization is the BCMS.
This is done on the relevant Organization page, from the Users tab:
On 'Send invitation' button, an email is sent to the email provided with a link to the [?] page. The user is redirected to MyNCBI login page and follows the flow described above.
Once the Org Admin has signed up, she can give any other member of the organization the role "Org Admin".
Note: Sometimes Sys admin act as an Org admin -- this applies to 'legacy' projects that NCBI manages on behalf of organizations. It is most likely not necessary for the sys admin user to assign herself as the org admin in these cases, however it's safer to have this option, at least until all notifications have been scoped.
Related issue #194 (closed)
All roles request access to an organization, except:
- Sys admins
- Org admins
- PDF2XML vendor
From the Dashboard, signed up users select the 'Organization access' button, which opens this modal:
Users select the organization name from the dropdown.
If users select a publisher org, the next step is to select 'Request organization access.' This sends a pending user request to the organization admin to approve.
After selecting the pending user from the user table, the Publisher org admin sees the following screen on their admin page:
The admin accepts or rejects the user, and applies the role 'Editor' if relevant.
Note: The admin can apply the role 'Admin' and 'Editor' to users in their org at acceptance or at any stage afterwards.
(Rejected users are shown on the system admin 'all users' page)
If users select a funder org, they are shown the Granthub integration fields (see #129 (comment 47871)). Completing these fields will be required. (Since funder admins are invited to join the BCMS, this means only 'awardees' will see and complete this.)
The next step is to select 'Request organization access.'
After selecting the pending user from the user table, the Funder org admin sees the following screen on their admin page:
Correction to wireframes:
Institution name should read
The same accept/reject workflow applies as above.