From wiki.ginstr.com
Revision as of 20:09, 31 October 2016 by Dejan (talk | contribs)
Jump to: navigation, search

SSO Common Content

Introduction and general points

Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in with a single ID and password to gain access to a connected system or systems without using different usernames or passwords, or in some configurations seamlessly sign on at each system. This means that single page is used to log in to multiple applications which are enabled / disabled for each user account by supervisor admin based on software modules ordered from ginstr. This multiple log in is ensured with common ticket which is added as post-fix in browser address of each application. (example https://my.ginstr.com/?ticket= here goes ticket number generated by SSO server) In browser application opens in different browser tab always so that SSO server tab stay opened and user can easily operate in both SSO server tab and in opened application tab.

ginstr SSO server is located on address https://sso.ginstr.com/


SSO log in screen


In bottom right corner of SSO log in screen there is drop down with languages where user have possibility to choose language in which SSO content will be displayed (NOTE: Not all listed languages are supported yet. If user choose unsupported language then content will be displayed in English)


drop down menu with languages


Below log in form on right side of log in form there is link "questions and answers (FAQ)" which when clicked opens page with frequently asked questions where user can find some help regarding registration process and other content needed for start of work with ginstr platform


position of FAQ link on log in screen
FAQ page


In case user doesn't find needed answer on FAQ page or in this manual then on right side of log in screen there is chat which when clicked opens chat window where user can chat directly with ginstr customer support.


position of chat on SSO log in page


If user already have Facebook or Google account then in this case below log in form on left side of log in form there are two buttons which allow user to log in to ginstr SSO with their existing Facebook or Google accounts. Once click on this buttons if not logged in to Facebook or Google user will be asked for authorization and if already logged in user will be asked to grant access to ginstr.


position of Facebook and Google log in buttons on SSO log in page


In case user forgot password there is link to screen for resetting password. Link is called "forgot password?" and is located on right side of log in form under password field. Once user enter screen for password reset there can enter e-mail used for registration and after click on reset password button e-mail with instructions will be sent to that e-mail address.

position of link which opens page to reset password


To register new account on ginstr SSO user should click on "sign up!" link positioned on top right side of log in form above e-mail field

position of sign up link

Signing up for new SSO account

Once user click on sign up! link on log in page of ginstr SSO a page with form for registering new ginstr iD (ginstr account) will open.

This form have following fields:

  • e-mail (required field)
  • password (required field)
  • re-enter password (required field)
  • first name (required field)
  • last name (required field)
  • mobile number (optional)
  • company (optional)

Also there is drop down with languages. Account will be created in language which is selected in this drop down (if language not supported yet if will be created in English language) There are also links that open page with frequently asked questions and page with privacy policy on ginstr web site.

appearance of form for registering new ginstr iD


Once fill all required fields and click on "register" button user will be taken to page with info that account is registered and that confirmation e-mail is sent to e-mail account that was used for registration. e-mail will be sent from address notifications@ginstr.com and will be titled ginstr iD activation (please check spam folder in case e-mail not appears in inbox folder shortly) and will contain link "Activate your ginstr iD" which when clicked will activate your account.


appearance of ginstr iD activation e-mail

Clicking "Activate your ginstr iD" link will take you to page where it will be confirmed that ginstr iD is activated and which will enable user to log in with newly created ginstr iD on ginstr SSO log in page.


SSO lobby

Once log in to ginstr SSO default set of applications icons will be displayed in SSO lobby. This applications are:

  • ginstr home page - opens https://www.ginstr.com/
  • ginstr web - opens ginstr web client which contains tables where master data for ginstr applications is defined and where data sent from ginstr applications is stored
  • OpenCellID - opens OpenCellID application


default applications icons in SSO lobby

When click on ginstr web icon user will be asked to accept "Conditions of Use for ginstr Applications". This will be required to do only once and when user accept this conditions of use they will not appear again on launching of ginstr web application.
NOTE: Even though account is now activated user will not be able to use ginstr web but will get error message "(1017) ginstr is disabled" until buy some ginstr subscription from ginstr shop https://shop.ginstr.com/produkt-kategorie/subscriptions/

In top right corner in SSO lobby there is user name displayed. When mouse over this user name drop down menu opens.


lobby menu position and appearance


Items in this menu are:

  • contact form
  • questions and answers (FAQ)
  • my account
  • conditions of use
  • imprint
  • privacy policy
  • log out


contact form

When click on this menu item then opens page with contact form that enables user to contact ginstr support via e-mail

contact form appearance

In this form all fields are required to be filled.


questions and answers (FAQ)

When click on this menu item then opens page with frequently asked questions


my account

When click on this menu item opens page for settings related to account. This page will be described in details later

my account page


conditions of use

When mouse over this menu item then sub menu item ginstr web appears. When click on that ginstr web sub menu item then page opens with displayed conditions of use for ginstr applications (same conditions of use which are displayed on first start of ginstr web application from SSO lobby)

conditions of use for ginstr applications


imprint

When click on this menu item opens imprint page on ginstr web site https://www.ginstr.com/imprint/


privacy policy

When click on this menu item opens the privacy protection page on ginstr web site https://www.ginstr.com/privacy-protection/


log out

When click on this menu item then user gets logged out and return to SSO log in screen


My account page

This page contains multiple sections:

  • my account
    • general
    • hide/show content
  • subaccounts
  • roles
my account page structure

my account

This section contains two sub sections: general and hide/show content

general

In this section are displayed all details related to account and here this details can be modified

general section

Following items are present in general section:

  • account
  • role
  • account status
  • language
  • e-mail
  • password
  • re-enter password
  • NFC
  • first name
  • last name
  • mobile number
  • company (optional)
  • disable chat support
  • delete all data of all tables in this account older than (days)
  • maximum number of rows that can be displayed in each table


account

Here is displayed username. This item is not editable


role

Here is displayed SSO role of account. This item is not editable


account status

Here is displayed status of account (active, suspended, deleted). This item is not editable


language

Here user can choose language in which SSO content will be displayed. Currently supported languages are English, German, Spanish, French, Hebrew and Arabic. After language is selected in drop down user should click on "Apply" button at the end of general section in order to apply change of language


e-mail

Here user can enter personal or company e-mail.


password and re-enter password

These two fields are used to change current password. In order to change password user must enter new password in both password and re-enter password fields and after that click on "Apply" button at the end of general section. New password must contain at least one digit, one uppercase letter and not less than 8 symbols.


NFC

In this filed user can enter NFC tag id which will be then used for this user to log in to ginstr apps on Android devices by scanning that NFC tag.


first name and last name

In these fields user can modify first and last name which were entered on account creation.


mobile number

In this field user can enter private or company mobile number


company (optional)

In this field user can enter name of company


disable chat support

By checking this checkbox user will disable support chat and chat window will not be displayed in both SSO and ginstr web


delete all data of all tables in this account older than (days)

In this field user can define for how long data in all tables of all applications enabled for that account will be kept. Default value is 0 which means that data will be kept in tables forever. Value must be positive number. Maximal value is 999. After set desired value user must click on "Apply" button at the end of general section in order to apply changes.


maximum number of rows that can be displayed in each table

Here user can define how much rows can be displayed in table before "filter by record creation date" appears in table. Once defined number of records is reached in some table then records in table will be grouped based on record creation date. This number of records is defined on browser and server level.



hide/show content

In this section is displayed list of applications, list of application tables with option to change permissions on those tables and section where user can assign or unassign records that exist in table. Also in this section user can set amount of days after which data will be deleted from tables on app and table level.


hide/show content section


Following parts exist in this section:

  • list of ginstr applications
  • list of tables of selected ginstr application
  • list of records in selected table
  • interface for defining how much days to keep records in tables on application and table level


list of ginstr applications

In this part are displayed names of all ginstr applications which are enabled for that account

list of tables of selected ginstr application

When user click on some application name in "list of ginstr applications" part then all tables of selected application are displayed in "list of tables of selected ginstr application". For each table there are displayed following permissions : create, read, update and delete (CRUD permissions). Here user have option that by clicking on link with name of some permission either enable or disable that permission for certain table. Also user have option to select table and then click on "activate all" link above list of table and activate all permissions on selected tables. If create permission is enabled on table this means that user will be able to create new records in that table. If read permission is enabled on table this means that user will be able to see that table in ginstr web. If update permission is enabled on table this means that user will be able to modify existing records in table. If delete permission is enabled on table his means that user will be able to delete records from that table in ginstr web

list of records in selected table

When user select some table in "list of tables of selected ginstr application" part then "list of records in selected table" part appears with option to assign/unassign existing records in table. When records are added to table they are assigned by default and they are listed in form of record id's in ASSIGNED list. If user click on some id in ASSIGNED list then that id moves to NOT ASSIGNED list on left side. When user click on "apply" button above ASSIGNED list then changes will be saved and record which is moved to NOT ASSIGNED list will not be displayed in table in ginstr web .

interface for defining how much days to keep records in tables on application and table level

Above "list of tables of selected ginstr application" part and "list of records in selected table" part there are fields where user can define how long data in all app tables or in single app table will be kept. This feature exists on 3 levels
1. all applications level (which exist in general section and is described there)
2. single application level - this field exist above "list of tables of selected ginstr application" part and when some number of days is defined there data in all tables of that app will be kept for that number of days and after that deleted
3. single table level - this field exist above "list of records in selected table" part and when some number of days is defined there data in that particular table will be kept for that number of days and after that deleted.
General rule is: If define amount of days on level 1 then same amount of days will be applied on levels 2 and 3 for all apps. If define amount of days for some app on level 2 then same amount of days will be applied on level 3 for all tables of that app and for all other apps (and those apps tables) will be still applied amount of days defined on level 1. If define amount of days for some table on level 3 then this amount will be applied for that table only and all other tables of that application will have amount of days defined on level 2 of that application .


subaccounts

In this section main account user can create subaccounts. Amount of subaccounts which can be created by main user is defined based on ginstr subscription. Main account is also called company account which means that for example if company have 10 workers which will be using application they will need to create 10 subaccounts on their main (company) account for each worker which will need to log in to application. Main account is like administrator for subaccounts created by that main account and can choose which applications subaccount can use and which permission will subaccount have on tables. Main account user can also delete subaccount created by that main account user.

subaccounts section


This section contains of following parts:

  • interface to add new subaccount and list of existing subaccount
  • list of applications enabled for selected subaccount
  • list of tables for selected applications
  • list of records in selected table


interface to add new subaccount and list of existing subaccount

When user click on "add subaccount" button on top of this section then interface will open where used can enter required data to create new subaccount.
In e-mail filed user should define e-mail which will be used as username of new subaccount.
In password field user should define password which will be used by new subaccount for logging in. Under this field there is checkbox "show password" which when checked will display password in text format.
In NFC field user can define NFC tag id which can be used by that new subaccount to log in to ginstr launcher and ginstr apps.
In role drop down user can select some of roles which can be created by user and will be described in next section.
In applications drop down user can select which applications will be enabled for subaccount
In access status drop down user can select between active and suspended status. User can create unlimited number of subaccounts with suspended status but only that much subaccounts with active status as have allowed by ginstr subscription. Only active subaccounts will be possible to use ginstr web and ginstr apps.
In idle timeout (hh:mm) field user can define amount of time after which if inactive subaccount will be logged out. Value should be set in range 00:20-24:00
creating subaccounts allowed checkbox if checked allows subaccount to create its own subaccounts. This option is not yet supported
user can use ginstr apps and user can use ginstr backend checkboxes allow main account to define if subaccount will be able to use ginstr web and/or ginstr apps.
Once all data filled when click on add button newly created subaccount appears in this section.
In list of existing subaccounts main user have option in list to click on show settings link which opens interface to edit existing subaccount or can click on trash can icon which will delete existing subaccount

list of applications enabled for selected subaccount

In this part are displayed names of all ginstr applications which are enabled for that subaccount

list of tables for selected applications

This part is same as described in hide/show content section.
When user click on some application name in "list of ginstr applications" part then all tables of selected application are displayed in "list of tables of selected ginstr application". For each table there are displayed following permissions : create, read, update and delete (CRUD permissions). Here user have option that by clicking on link with name of some permission either enable or disable that permission for certain table. Also user have option to select table and then click on "activate all" link above list of table and activate all permissions on selected tables. If create permission is enabled on table this means that user will be able to create new records in that table. If read permission is enabled on table this means that user will be able to see that table in ginstr web. If update permission is enabled on table this means that user will be able to modify existing records in table. If delete permission is enabled on table his means that user will be able to delete records from that table in ginstr web
Main difference is that in hide/show content section tables are created with enabled permissions and in subaccount section tables are created without permissions so that main user can define permissions on tables for subaccount.
Both main account and subaccount are using same tables of applications so there are no two set of tables but only different permissions on same tables.

list of records in selected table

This part is same as described in hide/show content section.
When user select some table in "list of tables of selected ginstr application" part then "list of records in selected table" part appears with option to assign/unassign existing records in table. When records are added to table they are assigned by default and they are listed in form of record id's in ASSIGNED list. If user click on some id in ASSIGNED list then that id moves to NOT ASSIGNED list on left side. When user click on "apply" button above ASSIGNED list then changes will be saved and record which is moved to NOT ASSIGNED list will not be displayed in table in ginstr web .
Since same tables are used for both main account and subaccoount records created by main account and all existing subaccoutns will be displayed in this section but it can be defined per each subaccount here which records will be displayed in table for that particular subaccount