DoIT Shared Tools - Confluence Wiki - Auto-defined User Groups
Some groups of users in the DoIT Wiki and JIRA are maintained automatically for you. Space Admins in particular should understand these groups and use them appropriately to authorize access to their space. These groups and some use cases are documented here.
At login, each user is checked for the SHIB attirbute eduWisconsinUDDS (which contains the user's UDDS). If present the, 4 groups are created for the given user. In the table below the example values shown would be for a user with eduWisconsinUDDS=a067130.
Group Example Description udds 1-digit udds-a A group starting with udds- and containg the first digit of the UDDS value udds 3-digit udds-a06 A group starting with udds- and containing the first 3 digits of the UDDS value udds 5-digit udds-a0671 A group starting with udds- and containing the first 5 digits of the UDDS value udds 7-digit udds-a067130 A group staring with udds- and containing the full 7 digit UDDS value
confluence-users & jira-users
The confluence-users or jira-users groups contain every active account for their respective tools. This group potentially includes any person with a UW-Madison NetId as these users can self-enroll to use the respective tool (Confluence or Jira). Also, with Confluence, Space Admins can request that non-UW-Madison persons be given an account. This group is populated when user accounts are created.
Anonymous is not strictly a group. It represents all users who have not authenticated to the wiki. We know nothing about an anonymous user's identity. Under no circumstances should anonymous users be granted write access to the DoIT Wiki.
Remember, permissions are set at the space level. They can be further limited for portion of the space's tree of pages. They can not be expanded on a per page basis.
Campus comment (Authenticated comment)
Space admin grants Create Page access to the space to a specific set of users that maintain the space content. View access and Create comment access is granted to confluence-users. This allows all campus users to view the space content and add comments to pages in the space, but not change the wiki content. Note with Wiki Self-Enrollment, if a campus user is specifically directed to a non-anonymous page an account will be created for them in the Wiki when they access the page. But until they have an account, if they search for content they will not see non-anonymous content.
A good default suggestion for maximum sharing of knowledge
The following settings allow you to share content with the world in support of the UW's mission of education. Any named user (has some UW relationship) can comment on your content. Content can be updated by any DoIT employee to allow seamless collaboration with annoying requests for access. We trust our fellow employees to not muck with our content. And all changes are documented and can be rolled back.
|Space Admin||Limited set of users|
|Create Page/Create Comment||doit-employees|
|View and Create Comment||confluence-users|