As of v2.0.0, COmanage Registry supports a concept of CO Services. A CO Service represents a service or application that a CO Person has access to by participating in the collaboration. While access to the service is likely controlled by Registry managed attributes, the service itself is not accessed as part of Registry. Instead, CO Services act as inventory or catalog of available services, rendering a list of available services on a per CO Person basis.CO Services are registered by a CO Administrator via the Configuration >> Services menu, and are made visible to users via both the Services menu (v2.0.x only; visible only after the first CO Service is registered) and the Service Portal (available in the main menu). CO Service attributes include

  • CO Group: Access to this service is available only to members of this group. Note the application is ultimately responsible for its own access control.
  • Service URL: The URL of the service.
  • Contact Email: The email address of a contact responsible for managing the service.
  • Entitlement URI: The entitlement URI associated with this service. Used (eg) by the LDAP Provisioning Plugin.

  • Visibility: Who can see this CO Service entry. Note that administrators are not treated specially – they will only see Services in the menu and portal for which they have associated eligibilities. To see the full list of services, administrators can use the configuration menu.

    • CO Admin: Only CO Administrators within the CO can see this service

    • CO Group Member: Only members of the associated CO Group can see this service

    • CO Person: Any CO Person within the CO can see this service

    • Unauthenticated User: Anyone can see this service

  • COU: COU this CO Service is associated with. Service Portals will be available (in the main menu) for each COU with attached services. If set, this service will not be visible in the CO's Service Portal. Available since Registry v3.1.0.
  • Service Identifier Type: Used to indicate which type of Identifier is to be used with this Service. Available since Registry v3.2.0.
  • Short Label: Primarily intended for use with the LDAP Provisioning Plugin, a short label for the service that can be used when attribute options are enabled. Available since Registry v3.2.0.

If at least one CO Service is configured with Unauthenticated User visibility, then the Service Portal will be publicly accessible. Otherwise, only members of the CO can see the Service Portal.

The Service Portal can be rendered within Registry Dashboards by using the Services Dashboard Widget.

Group Membership

As of v3.1.0, it is possible for a CO Person to add or remove themselves from the CO Group associated with a Service directly from the Service Portal, using the Join and Leave buttons. Using Join and Leave is functionally equivalent to navigating to My Groups, finding the appropriate group, and ticking the Member button. This is only available when the CO Group associated with a Service is an open group.

Administrators cannot use this interface on behalf of a CO Person, but must instead use the regular group management interfaces.

Provisioning Services

As of Registry v3.3.0, CO Services can be provisioned. Currently, no out of the box Provisioner Plugins support provisioning Service, but future updates may introduce such support.

See also

  • No labels