The Controller has three modes of handling the registration of new user accounts:
When restricted registration is active and someone registers an account, after validating its email address a notification is sent to the approval email address configured in the
EMAIL_REGISTRATION_APPROVE setting. To approve (i.e. enable) the account:
A message is sent to the approval address notifying the activation of the account. The new user is notified via email as well.
When closed registration is active, user accounts must be created manually:
The user is created and activated, and no notifications are sent to operators or the user.
For more details on user registration, see Registration Application.
Superusers are normal users which have been granted special administrative powers by other existing superusers. Superusers have unrestricted access to the testbed registry (e.g. they can grant node and slice management permissions to groups, see Roles and permissions for more details), and they can also administer the Controller itself (e.g. by uploading node base images or managing tasks).
To convert a normal user in a superuser:
Removing superuser powers can be done in the same way by the user itself of by another superuser.
Please note that superusers do not get Controller error or account approval notifications by default. For that, use the
EMAIL_REGISTRATION_APPROVE settings, respectively (see Controller configuration).
Although any registered user can create a group and automatically become its group administrator (see Creating a group), only groups with the proper permissions can create nodes or slices associated with them. In the Confined release of Controller software, these permissions are disabled by default for new groups and can only be granted by superusers.
When a group administrator requests node or slice creation permission for the group (see Applying for slice or node management for the user's perspective), an email message is sent to superusers notifying about the request for node or slice resources. To allow or decline the request:
This resolves the requests. Granting group permissions can be undone in the same way only by superusers.
See Resource Management (only superusers) for more details on group permissions.
The user registration procedure includes sending several emails (e.g. how to validate the user's email address, next steps, etc.). Although the Controller software provides a complete set of templates, you can customize them following these instructions:
~confine/mytestbed/templates, use your own system user and testbed name if different).
$ ls -R1 ~/mytestbed/templates # example with all templates customized /home/confine/mytestbed/templates/templates: registration /home/confine/mytestbed/templates/templates/registration: activation_email_subject.txt # ask user for email validation (email subject) activation_email.txt # ask user for email validation (email body) activation_complete.html # user validated the email address, moderation pending registration_complete.html # user completed the registration procedure registration_closed.html # information page when registration is closed
TEMPLATE_DIRSsetting with the custom templates directory and restart testbed services (see Controller configuration):
TEMPLATE_DIRS = ('/home/confine/mytestbed/templates', ) + TEMPLATE_DIRS