Administration of a Vidjil server

This is the preliminary help for bioinformaticians administrators of the Vidjil web application. This help covers administrative features that are mostly accessible from the web application, and is complementary to the Docker/Server documentation. Users should consult the Web Platform User Manual.

Configuring pre-processes, processes and post-processes

Pre-processes (after sample upload)

Custom pre-processing steps can be added. They are called right after the upload of each sample, before launching the main processes. They can be used, for example to filter out some reads, to demultiplex UMI or to merge paired-end reads. Admins can add new pre-processes, and users can select a pre-process if they are allowed to.

Warning: Adding an external program may bring additional security or performance issues. Make sure you trust scripts you need to add before putting them on a production server.

Adding a pre-process

Steps may differ if you use a plain-installation or a docker image.

Here is an example with a fictive paired-end merger: "mymerger".

Now, you can set the permission to give the access to this preprocess at your users. To do this, you need to click on the key logo of into the list of preprocess. This open a panel from where you can set the permissions of acces to preprocess. If you give permission to a group, each user of it will have access to it. If you need to give permissions to all users of the server, you can simply do that by given permission to public group. You can also give permissions to some specifics users of the list.

Main process and "fuse" configuration

This page shows the configurations list for the main analysis process. Config are just parameters for:

Each configuration has permissions for some groups.

Pre- and post-processes (around fuse)

It is possible to run further pre- or post-process scripts around the "fusing" of results by giving --pre and/or --post options to fue. These scripts can also be wrappers of other software. This can be useful to further process the result files, possibly taking into account several result files as in a MRD setup developed by Joao Medianis (Boldrini center, Brasil).

Adding such a pre/post-process

When the users select this config, these pre- and post-processes will also be called.

Users, groups, and permissions

Users

Users can be granted with various permissions:

These permissions are assigned to groups to which a user can belong. Upon creation a user is automatically assigned a newly created group designed to be the user's personal group.

A user can belong to several groups and thus having access to several sets of patients with different permissions on each set. For example, he could be able to edit the patients of one group, but not the patients of another one.

Groups

Groups can be hierarchic: A group can have a parent group. All patient/run/set assigned to a group are also accessible to the children groups. Other permissions are not transfered from parents to children and access is not transfered from a child to a parent.

Child groups should be considered as roles inside the parent group as they should not possess any personal access to parents. They also cannot possess any children of their own. Assigning a new group to a group which has a parent defer the parent-child relationship to that parent.

Creating groups

When creating the groups for an organization the parent group MUST be the first group created. Assigning a parent to a group cannot be done after creation. A group cannot change parents. Users can be created at any time. They can also be added or removed from groups whenever it is convenient

Example: create organization with sub groups/roles

Users will now be able, if permissions allow it, to create patients for these groups. Any patient created should automatically be assigned to the parent group. Any patient created for the parent group will be accessible by any member of one of the child groups.

Example: converting a previous user account into a group account

Sometimes a user has a account, does some analyses, and then want to create accounts for other members of her team. The following procedure makes that whole data uploaded by the user will be available to the whole group.

If needed, you can also recreate a personal group for the user.

Adding roles to an organization

You can use various panel of rights depending of the roles that you want create. For example, in a hospital, you may want that only a subgroup of people, let say doctors, are allowed to save an analysis.

Their is no preset of rights defined. You can select manualy, inside detailled view of each group and sub-group, To do this, there is not any preset of permissions, but you rather have to select, inside the detailed view of each group and sub-group, the permissions you want to grant for each of these groups.

Adding an user to a group

Adding a user to a group gives him access to the data of the group. This should be done only with explicit authorization of the group manager.

Removing an user from a group

To remove a user from a group, open the corresponding group and click on the cross at the end of the line. Data will still be accessible for other users of this group.

If the user should no longer have access to an account, you can after that delete the user or simply remove access by changing his password and/or restrain rights for his personnal group.

Server Monitoring

Some monitoring features are accessible through the web application : XXX TODO XXX