Operations by Security Level

The VOV security model consists in assigning a Security Code to each client (browser, GUI, CLI) and to grant the permission to execute tasks only to clients with appropriate security level.

VOV defines four ordered privilege levels, shown from the least privileged to the most privileged:

READONLY
USER
LEADER
ADMIN

VOV security is enforced by the server process. Each time that a client requests a transaction, the security level of that client's owner is compared to the definitions in the project's security.tcl file, and permission is granted or denied accordingly.

The following table shows the operations permitted to clients according to their privilege level. 'Y' indicates the operation is permitted, otherwise it is not.

VOV Operations allowed by Privilege Level
			Privilege Level
Object	Operation	Description	READONLY	USER	LEADER	ADMIN
Trace
	ViewStatus	View status information about jobs and files	Y	Y	Y	Y
	CreateJob	Add job to flow your own		Y	Y	Y
Job
	RunJobSelf	Run a job you own		Y	Y	Y
	RunJobOther	Run a job owned by another		Y	Y	Y
	StopJobSelf	Stop a job you own		Y	Y	Y
	StopJobOther	Stop job owned by another			Y	Y
	ModifyJobSelf	Modify a job you own		Y	Y	Y
	ModifyJobOther	Modify anything other than legal exit status or resources of job owned by another
	ModifyJobExitOther	Modify legal exit status for job owned by another				Y
	ModifyJobResourcesOther	Modify resource requested by job owned by another				Y
	ForgetJobSelf	Forget a job you own		Y	Y	Y
	ForgetJobOther	Forget a job owned by another			Y	Y
Project
	StartTasker	Start a vovtasker of this project			Y	Y
	StopTasker	Stop a vovtasker of this project		Y	Y	Y
	StartServer	Start this project's server				Y
	StopServer	Stop this project's server				Y
	ViewSecurity	See project security info				Y
	ModSecurity	Change project security info				Y