Login
There are various possible ways to log in to Kadi4Mat. Each Kadi4Mat instance may have one or more authentication providers registered, which are briefly described below.
- Credentials
- This method of authentication uses separate accounts local to a specific Kadi4Mat instance. The credentials of each user consist of a unique username and a password. Depending on the configuration of an instance, registration of new accounts may be possible by individual users or only by system administrators.
- LDAP
- This method of authentication allows logging in using existing accounts managed by a specific LDAP (Lightweight Directory Access Protocol) installation. LDAP is a directory service commonly used for authenticating users and maintaining different kinds of information. Such a service can be deployed on different levels, e.g. for individual working groups or entire institutions.
- OpenID Connect
- This method of authentication allows logging in using existing accounts of one or more web-based, third-party services via the OpenID Connect authentication protocol. Each service has to be configured separately in Kadi4Mat by a system administrator. When authenticating with one of these services for the first time, users have to consent to Kadi4Mat accessing their user data.
- Shibboleth
- This method of authentication allows logging in using existing accounts of a user's home institution via the Shibboleth authentication protocol. Each institution needs to be configured separately in Kadi4Mat by a system administrator. Note that some institution's Identity Providers may not release all required user attributes to Kadi4Mat by default. In this case, the administrator of the Shibboleth Identity Provider may need to be contacted.
Navigation
After logging in, the menu at the top left of the navigation bar allows access to Records, Collections, Templates, Users and Groups. Each navigation item leads to the corresponding main page of the respective resource, where existing resources can be searched and, if applicable, new resources can be created. Details about each resource type are described in the following sections.
The first two items at the top right of the navigation bar right also provide quick access to create new resources and search for existing ones. The two dropdown menus on the far right can be used to quickly navigate to various informational pages and to access the current user's profile page, including their created and deleted resources (see also Users). Furthermore, the latter makes it possible to access the Settings and to log out.
In addition to the navigation bar, a navigation footer is available on the bottom of all pages, regardless of being logged in or not. This footer provides quick navigation to various informational pages and also contains a selection for switching the current language.
Records
Records are the basic components of Kadi4Mat and can represent any kind of digital or digitalized object, e.g. arbitrary research data, samples, experimental devices or even individual processing steps. Records consist of metadata that can either stand alone or be linked to any number of corresponding data. They can also be grouped into collections or linked to other records, as described later.
Creating new records
Creating a new record first requires entering its metadata. This includes basic information, such as title, (unique) identifier and description. Additionally, generic extra metadata can be specified, specific for each different kind of record. This metadata consists of enhanced key-value pairs, where each entry has at least a unique key, a type and a corresponding value. Optionally, a description, an additional term IRI (Internationalized Resource Identifier) and validation instructions can be specified. It is also possible to create templates for the generic metadata, as described in Templates. The following values types can be used for this metadata:
- String
- A single text value.
- Integer
- A single integer value. Integer values can optionally have a unit further describing them.
- Float
- A single floating point value. Float values can optionally have a unit further describing them.
- Boolean
- A single boolean value which can either be true or false.
- Date
- A date and time value which can be selected from a date picker.
- Dictionary
- A nested value which can be used to combine multiple metadata entries under a single key.
- List
- A nested value which is similar to dictionaries with the difference that none of the values in a list have a key.
Aside from the metadata, it is possible to set the visibility of a record to either private or public, the latter giving every logged-in user the ability to search for the record and view its contents without requiring explicit read permissions to do so. Finally, a record may directly be linked to other resources and its permissions may directly be specified, both of which aspects can also be managed after creating the record.
Once the metadata of a record has been created, the actual data of the record can be added in a separate view, which by default the application will redirect to automatically. This is just one part of the various views to manage records, the next section describes the purpose of the others, which can be selected after going back to the record overview page.
Managing existing records
On the record overview page, different views are available, each of which can be accessed through the respective tab in the navigation menu of a record. The individual tabs and their contents are briefly described below.
- Overview
-
This tab provides an overview of a record, mainly related to its metadata. Here, it is possible to edit or copy a record, if the corresponding permissions are fulfilled, where editing a record also allows deleting it. Note that this will move the record to the trash first, see also Users. Furthermore, records can be exported in various formats, published or favorited. Note that the publishing functionality is only available if at least one publication provider has been registered with the application.
- Files
-
This tab provides an overview of the files associated with a record. Given the corresponding permissions, new files can be added, which is usually done by uploading locally stored files. However, certain types of files may also be created directly via the web interface. Existing files can either be downloaded in bulk or individually using the quick navigation menu of each file. Depending on permissions, this navigation also shows additional actions to quickly manage files.
Clicking on a file leads to a separate overview page of the corresponding file, which shows all additional file metadata. Furthermore, many file types include a built-in preview functionality. Here, it is also possible to edit a file's metadata or content, where editing the metadata also allows deleting the file. Some file types may offer direct editing of the actual file content, otherwise the regular upload functionality can be used. - Links
-
This tab provides an overview of the resources a record is linked with, which includes other records as well as collections. Collections represent logical groupings of multiple records, while links between records can specify their relationship and also contain additional metadata. Furthermore, record links can be visualized in an interactive graph. Clicking on a record link leads to a separate view, which provides a more detailed overview of the link and the associated records.
Linking resources requires link permission in both resources that should be linked together. Note that users still won't be able to view any linked resources if they have no explicit permission to do so. However, a limited subset of information about record links (the ID of the link, the linked record, the name and the term IRI of the link) will always be shown as part of the record revisions. - Permissions
-
This tab provides an overview of the access permissions granted to individual users or groups of multiple users for a specific record. New permissions can be granted if the corresponding permissions to do so are fulfilled, which currently works by using predefined roles. Details about the specific permissions and actions each role provides can be found by clicking on the Roles popover.
Note that group roles are always shown to users being able to manage permissions, even if the group would normally not be visible. This way, existing group roles can always be changed and/or removed. Such group roles only contain very limited information about the group itself (its ID, title, identifier and visibility). - Revisions
- This tab provides a history of changes to a record's metadata, file metadata and links to other records. By clicking on View revision of a revision item, a separate view will open, providing a more detailed overview of the respective revision and corresponding changes.
Collections
Collections represent logical groupings (e.g. projects, simulation studies or experiments) of multiple records or other collections.
Creating new collections
Creating a new collection is similar to creating new records, except that only some basic metadata are necessary. Additionally, it is possible to specify a Record Template to use as default when adding new records to a collection. Note that a limited subset of information about such templates will always be shown as part of the collection revisions (the ID of the template) and when editing the collection (the ID and identifier of the template).
Managing existing collections
Similar to records, collections have their own navigation menu, offering different tabs for viewing and managing collections. As most of the contents are similar to those of records, only the main differences are listed in the following sections.
- Overview
- This tab provides an overview of a collection, mainly related to its metadata. Additionally, the records that are part of a collection are directly listed in this overview.
- Links
- Besides linking collections to records, collections can also be linked to other collections, which is shown in this tab. This functionality can be used to create simple hierarchies of parent and child collections in order to improve the structuring of multiple resources, e.g. by representing projects and corresponding subprojects. Note that each collection may only have one parent collection, while the required permissions to link collections are handled similarly to other resource links.
- Permissions
- Besides managing the permissions of collections themselves, it is also possible to manage the roles of users and groups of all linked records in a collection in the corresponding tab, as collection permissions are currently not inherited by linked resources. Specifically, this applies to all linked records where the current user can manage permissions. When selecting an empty role, any existing permissions of the corresponding user or group will be removed instead.
Templates
Templates enable the creation of blueprints for different resources. There are multiple types of templates, which define the actual content that a template can contain. The following types of templates currently exist:
- Record
- Record templates can contain all of the metadata that can be specified for a record, including its generic extra metadata, linked collections, record links and permissions. Note that concerning linked resources or groups, their IDs will be visible to all users who can access the template. Record templates can be selected in most places where new records can be created as well as for the creation of generic extra metadata.
- Extras
- Extras templates are focused on the generic extra metadata of a record. These kind of templates can be selected and combined wherever such metadata can be specified, including when creating other templates.
Creating new templates
Creating a new template is similar to creating other kinds of resources. Each template requires at least setting a title and identifier for the template itself, while the actual template data depends on the specific type of template.
Managing existing templates
Similar to other resources, templates have their own navigation menu, offering different tabs for viewing and managing templates.
Users
In this view, all registered users of the current Kadi4Mat instance are shown. Clicking on a user leads to a separate page, which contains another navigation menu, providing access to different subpages. The respective contents of these pages are briefly described below.
- Profile
- On this page it is possible to see the basic information of a user, such as username and account type. Users are able to control some of the information shown on this page via the Settings.
- Resources
- This page shows all accessible resources that a specific user created. When looking at other users, resources that were (explicitly) shared with a user, either directly or via groups, are shown as well, including common groups.
- Trash
- This page is only visible to the current user. Here, deleted resources can be found, namely deleted records, collections, templates or groups. Resources can either be restored or deleted permanently. The latter will also happen automatically after 1 week. Until then, the identifier of the deleted resources cannot be reused for newly created resources. Note that currently only the creator of a resource can restore or permanently delete it.
Groups
Groups can be used to group several users together, which primarily facilitates access management.
Creating new groups
Creating a new group is again similar to creating other resources. Aside from basic metadata, a group picture can also be uploaded, which will be shown on the group overview as well as on search result pages.
Managing existing groups
The management of existing groups is similar to other resources as well. Besides the usual contents, there are additional tabs that allow viewing resources that have been shared with a group.
- Overview
-
This tab provides an overview of a group, mainly related to its metadata. Additionally, the members of a group are shown in this overview. Managing the members of a group is comparable to managing the access permissions of other resources, as group membership is linked to the access permissions of a group. Specifically, as long as a user has any role in a group, they are a member of this group as well, while of course also having the respective permissions their role provides within the group.
Besides managing members directly, it is possible to automate the assignment of roles within a group by specifying rules with different conditions. Each rule is applied when a new user registers, but it can also be applied retroactively to all existing users.
Settings
The settings allow managing everything not directly related to the actual creation and management of resources. The navigation menu of the settings again provides access to different subpages.
- Profile
- In this menu, it is possible to change basic user information, which is displayed on a user's profile. Note that some options might be disabled, depending on the type of the user account.
- Password
- In this menu, users can change their password. Depending on the type of user account this menu item may be hidden.
- Preferences
- In this menu, users can change their preferences regarding the behavior or appearance of Kadi4Mat.
- Access tokens
- This menu can be used to create and manage personal access tokens (PATs). Creating a PAT makes it possible to directly interact with the HTTP API that Kadi4Mat provides. Detailed information about the API and PATs can be found in Kadi4Mat's documentation. Some parts of the API may also be tested out directly via the browser by navigating to https://kadi4mat.postlithiumstorage.org/api.
- Applications
- This menu can be used to register and manage registered or authorized applications. An application can be used to integrate another service with the HTTP API that Kadi4Mat provides. For authorization, OAuth2 tokens are used, which an application can request by implementing the corresponding OAuth2 authorization flow. Detailed information about the API and OAuth2 tokens can be found in Kadi4Mat's documentation.
- Connected services
- In this menu, users can manage their connections with different third-party services. Each service has to be registered as a plugin in the application and can be used for different tasks, e.g. publishing resources. Note that if no services are available in the current Kadi4Mat instance, this menu item is hidden.