Search this chapter:
This guide explains how to use the administrative features of NBIA.
Security applies to all administration tools in NBIA. When you log into NBIA, only the administration tools for which you have been granted permissions are visible in the Admin menu. Their use is described on this page.
Only an NBIA administrator can create new users for NBIA.
Before NBIA users can be created, an administrator with access to the User Authorization Tool must register the NCIA application and assign an admin user to the NCIA application there. The administrator can then assign users to NBIA and roles to each user. The following table describes the role structure in NBIA.
Role | Functionality |
---|---|
NCIA.READ | Search capability |
NCIA.MANAGE_VISIBILITY_STATUS | Privilege to access QC Tool |
NCIA.VIEW_SUBMISSION_REPORT | Privilege to access Verify Submission |
NCIA.MANAGE_COLLECTION_DESCRIPTION | Privilege to edit a collection description |
NCIA.SUPER_CURATOR | Privilege to approve the deletion of image series |
NCIA.DELETE_ADMIN | Privilege to execute the deletion of images approved for deletion |
The roles you assign allow a user to perform tasks in TCIA. Additionally, an administrator can perform the following tasks:
For more information about creating new TCIA users/user groups and performing other tasks in the User Authorization Tool, see the User Authorization Tool documentation.
As an administrator, you can assist in the two-tier process of deleting TCIA data. To do so, you must have been granted specific roles. For more information about the roles and the deletion processes, see NBIA Administrator's Guide 6.5.3.1 and Manually Deleting Image Series.
Administrators use the User Authorization tool to manage data access by users, user groups, protection groups, and roles.
Topics in this section include:
To access and use the User Authorization Tool, you must be a TCIA administrator.
BREAK!
Once a user submits data, an administrator adds the user to TCIA. The administrator must create the user in LDAP to manage data access privileges.
Contact the Help Desk to request that a user be added to LDAP. |
Managing users involves:
Select the User tab.
To activate the user, select Active Status. To deactivate the user in TCIA, clear Active Status.
Click to save the changes.
The user is added to TCIA and the table on the User tab.
To find a user on the User tab, narrow the list by adding one or more characters to one or more column header boxes.
In the following example, the displayed users have 5523 as part of their login name and nlsc in their email address.
Find the user whose information you want to update.
Click .
The User Details window appears.
Update the Email address as needed. The Login Name cannot be updated.
For an active user, maintain Active Status. To deactivate the user in TCIA, clear Active Status.
Click Save to save the changes.
The user information is updated in the table.
A user cannot be deleted from TCIA, only deactivated.
Select the User tab.
Find the user you want to deactivate.
Click .
The User Details window appears.
Clear the Active Status box and then click Save.
The user's Active Status value changes to False.
A TCIA administrator uses the Protection Group tab to add protection groups and assign protection elements to limit data access and visibility by image collection and site(s).
TCIA automatically creates protection elements when data is submitted based on the image collection and site(s). |
Managing protection groups involves:
From the Protection Group tab, click Add Protection Group.
The Add Protection Group window appears.
The following table lists and describes protection group information.
Name | Description | |
---|---|---|
Protection Group Name | Start the name with "NCIA” and enter your name of choice.
| |
Protection Group Description | Add a description (optional). |
Click to save the changes.
The protection group is added to the table.
Once you create the necessary protection group(s), assigning the associated protection element(s) is the beginning of setting up security for a collection's visibility in TCIA. The protection element identifies the collection, as well as the site, associated with the data.
If the protection element is set to Public, a user can be assigned the Public role and have access. For limited access to the data, assign a user to a protection group and a role that allows the user data access. |
To associate a protection element with a protection group
Click Available Protection Elements.
Select the elements to be associated with the protection group.
To narrow a list, type the name or part of the name next to the magnifying glass icon (). |
Click to save the changes.
The Associated Protection Element(s) column lists the elements that you added.
In the following example protection element, NCIA.SportInjury//ACL
ACL is the site.
If there are multiple sites for a collection, you might want to create a protection group for each site. This process would grant access to verify submissions per site. |
Click Included Protection Elements, and select the elements to remove.
To narrow a list, type the name or part of the name next to the magnifying glass icon (). |
Click x to return without saving.
Click to save the changes.
The protection element(s) is no longer listed in the Associated Protection Elements column.
On the Protection Group tab, you can perform a global search or a column search both described in the following table.
You can perform both searching techniques to further filter a list, but do not forget to clear the search boxes to expand the list. |
Type of Search | Performing a Search |
---|---|
Global Search | You can search for a term or part of a term in all the protection group columns in the table. All protection groups with the characters you entered are returned. In the following example, a Global Search of colonography finds protection groups with the word in the Protection Group name and the Associated Protection Elements. |
Column Search | You can also find protection groups in the table by adding a term to a column header or more than one column header to further narrow the list. In the following example, bbb in the Protection Group column and demo in the Description column, displays two results. |
Click .
The Protection Group Details window appears.
Update the group description.
Note that you cannot update the protection group name.
Click to save the changes.
Click .
The Protection Group Details window appears.
Click .
The row is removed from the table.
TCIA administrators create user groups to limit data access and visibility by protection group and user role. Before or after creating user groups, you can assign users and roles to protection groups.
Managing user groups involves:
Select the User Group tab.
You can associate a user group with a protection group and one or more roles.
To assign a protection group and role to a user group
Select the User Group tab.
In the row associated with the user group whose access you want to specify, click .
The Add Protection Group to Selected User Group window appears.
Open the Protection Group list and click one protection group to select it.
To narrow the list of protection groups, type the name or part of the name next to the magnifying glass icon (). All protection groups with the characters you entered are returned. |
The list closes and shows your selection in the window.
Open the Role list and and click the box to the left of each role you want to assign to the selected protection group.
To narrow the list of roles, type the name or part of the name next to the magnifying glass icon (). All protection groups with the characters you entered are returned. |
The list closes and shows your selection(s) in the window.
Deleting a user group does not delete the users in it.
To delete a user group
Select the User Group tab.
A TCIA administrator creates protection groups to limit data access and visibility by image collection and site(s). Administrators add users to protection groups and can then further manage their access by assigning them one or more roles. Users can only access the protection group data in the way that the role specifies.
For example, John Smith needs to be a curator within the Mouse Astrocytoma protection group, so user johnsmith is assigned to protection group TCIA Mouse Astrocytoma with the role of CURATOR.
Topics in this section include:
Enter a name for the new group and optionally, a description.
Do not use special characters such as |
Click .
The protection group appears on the Protection Group tab.
If you are a Super Administrator for one protection group, your privileges extend to all of the protection groups. |
To assign a user to a protection group and assign roles
Select the User Authorization tab.
Select a user from the list.
A page listing the protection groups and access roles associated with the selected user opens.
Click .
The Grant Access to Selected User window opens.
From the Role list, select the access role that the user should have in that protection group.
The following table lists and describes the access roles available in TCIA.
Access Role | Description of Access Role |
---|---|
NCIA ADMIN | Access the User Authorization Tool to manage users |
NCIA CURATE | Add or modify curation data |
NCIA DELETE_ADMIN | Super Administrator role for deletions |
NCIA MANAGE_COLLECTION_DESCRIPTION | Manage collection descriptions |
NCIA MANAGE_VISIBILITY_STATUS | Access the Quality Control (QC) Tool |
NCIA READ | Public role for searching |
NCIA SUPER_CURATOR | Super Administrator role for approving deletions |
NCIA VIEW_SUBMISSION_REPORT | Access the Submission Reports option to verify submissions. |
The row is added to the table.
To adjust how the table is sorted, click the arrows in the column header. To narrow the list, type the name or part of the name in the column header. You can also enter information in multiple column headers to further narrow the list. |
Select the User Authorization tab.
Select a user from the list.
A page listing the protection groups and access roles associated with the selected user opens.
To change the user's access to roles in this protection group, click the down arrow to open the Role list. Select the boxes next to roles you want to assign to the selected user. Clear the boxes next to roles you do not want the user to have. Click to save your changes.
To delete a role, open the Role list, select a role, and click .
The User Authentication tab appears.
The following table lists and describes how to resolve error messages returned by the User Authorization Tool (UAT). Error messages appear in a red box.
Messages in a blue box, such as Info: Request sent to server. or Info: Sent., indicate that a request was sent to the server to save, update, or delete an item. |
UAT Error Message | Resolving a UAT Error |
---|---|
Error: No data found from server. | You performed a search and there were no results. Enter different search criteria. If a selected user has not been assigned to a protection group with a role, you will receive the following message: Error: No data found from server. |
Error: Session expired. Please log in again. | You logged in but your session was too long and the session expired. You need to log in again. |
Error: Error occurred while retrieving data from server. Check the server connection please. Error code: <a number> | An unexpected error occurred. The error code shows a return http status code that may or may not be useful for debugging. |