.. _systemAuthorization: System Authorization ==================== For each system authorization rules must be configured, a short introduction about the different options available are showed in the next table: +----------------------------+------------------------------------------------------------------+-------------+ | **Option** | **Description** | **Example** | +----------------------------+------------------------------------------------------------------+-------------+ | *AccountingMonitor* | Allow access to accounting data for all groups | | +----------------------------+------------------------------------------------------------------+-------------+ | *AlarmsManagement* | Allow to set notifications and manage alarms | | +----------------------------+------------------------------------------------------------------+-------------+ | *BookkeepingManagement* | Allow Bookkeeping Management | | +----------------------------+------------------------------------------------------------------+-------------+ | *CSAdministrator* | CS Administrator - possibility to edit the Configuration Service | | +----------------------------+------------------------------------------------------------------+-------------+ | *FileCatalogManagement* | Allow FC Management | | +----------------------------+------------------------------------------------------------------+-------------+ | *FullDelegation* | Allow getting full delegated proxies | | +----------------------------+------------------------------------------------------------------+-------------+ | *GenericPilot* | Generic pilot | | +----------------------------+------------------------------------------------------------------+-------------+ | *JobAdministrator* | Job Administrator | | +----------------------------+------------------------------------------------------------------+-------------+ | *JobSharing* | Job sharing among members of a group | | +----------------------------+------------------------------------------------------------------+-------------+ | *LimitedDelegation* | Allow getting only limited proxies (ie. pilots) | | +----------------------------+------------------------------------------------------------------+-------------+ | *NormalUser* | Normal user operations | | +----------------------------+------------------------------------------------------------------+-------------+ | *Operator* | Operator | | +----------------------------+------------------------------------------------------------------+-------------+ | *Pilot* | Private pilot | | +----------------------------+------------------------------------------------------------------+-------------+ | *PrivateLimitedDelegation* | Allow getting only limited proxies for one self | | +----------------------------+------------------------------------------------------------------+-------------+ | *ProductionManagement* | Allow managing production | | +----------------------------+------------------------------------------------------------------+-------------+ | *ProxyManagement* | Allow managing proxies | | +----------------------------+------------------------------------------------------------------+-------------+ | *PPGAuthority* | Allow production request approval on behalf of PPG | | +----------------------------+------------------------------------------------------------------+-------------+ | *ServiceAdministrator* | DIRAC Service Administrator | | +----------------------------+------------------------------------------------------------------+-------------+ | *SiteManager* | Site Manager | | +----------------------------+------------------------------------------------------------------+-------------+ | *TrustedHost* | Host defined in the system to be trusted | | +----------------------------+------------------------------------------------------------------+-------------+