There are various possible ways to log in to Kadi4Mat. Each Kadi4Mat instance may have one or more authentication providers registered, which are briefly described below.
- This method of authentication uses separate accounts local to a specific Kadi4Mat instance. The credentials of each user consist of the respective username and password. Depending on the configuration of an instance, registration of new accounts may or may not be enabled.
- Shibboleth allows logging in using an existing account of a user's home institution. Each institution needs to be enabled separately in a Kadi4Mat instance. Note that some institution's identity providers may not release all required user attributes to Kadi4Mat by default. In this case, the administrator of the Shibboleth identity provider may need to be contacted.
- LDAP also allows logging in using existing user accounts residing in a specific LDAP installation, e.g. in an Active Directory. This method of authentication is not necessarily tied to any specific institution.
After logging in, the menu at the top left of the navigation bar allows access to Records, Collections, Templates, Users and Groups. Each navigation item leads to the corresponding main page of the respective resource, where existing resources can be searched and, if applicable, new resources can be created. Details about each resource type are described in the following sections.
The items at the top right of the navigation bar right also provide quick access to create new resources or search for existing ones. The dropdown menu on the far right can be used to access the current user's profile page as well as their created and deleted resources, see also Users. Furthermore, the menu makes it possible to access the Settings and to log out.
Records are the basic components of Kadi4Mat, as they contain data and connect it with corresponding metadata. The data of a record can consist of an arbitrary number of different files, all sharing the same metadata, as well as metadata only. Records can also be grouped into collections or linked to other records, as described later.
Creating new records
Creating a new record first requires entering its metadata. This includes basic information, such as title, (unique) identifier and description. Additionally, generic extra metadata can be specified, specific for each different kind of record. This metadata consists of key-value pairs, where each entry has at least a unique key, a type and a corresponding value with optional validation instructions. It is also possible to create templates for the generic metadata, as described in Templates. The following values types can be used for this metadata:
- A single text value.
- A single integer value. Integer values can optionally have a unit further describing them.
- A single floating point value. Float values can optionally have a unit further describing them.
- A single boolean value which can either be true or false.
- A date and time value which can be selected from a date picker.
- A nested value which can be used to combine multiple metadata entries under a single key.
- A nested value which is similar to dictionaries with the difference that none of the values in a list have a key.
Aside from the metadata, it is possible to set the visibility of a record to either private or public, the latter giving every logged-in user the ability to search for the record and view its contents without requiring explicit read permissions to do so. Finally, a record can be linked to one or more collections while creating it, which of course may also be done later.
Once the metadata of a record has been created, the actual data (i.e. files) of the record can be added in a separate view, which the application will redirect to automatically. This is just one part of the various views to manage records, the next section describes the purpose of the others, which can be selected after going back to the record overview page.
Managing existing records
On the record overview page, different views are available, each of which can be accessed through the respective tab in the navigation menu of a record. The individual tabs and their contents are briefly described below.
This tab provides an overview of a record, mainly related to its metadata. Here, it is possible to edit or copy a record, if the corresponding permissions are fulfilled, where editing a record also allows deleting it. Furthermore, records can be exported in various formats or published. Note that the publishing functionality is only available if at least one publication provider has been registered with the application.
This tab provides an overview of the files associated with a record. Given the corresponding permissions, new files can be added, which is usually done by uploading locally stored files. However, certain types of files may also be created directly via the web interface. Existing files can either be downloaded in bulk or individually using the quick navigation menu of each file. Depending on permissions, this navigation also shows additional actions to quickly manage files.Clicking on a file leads to a separate overview page of the corresponding file, which shows all additional file metadata. Furthermore, many file types also include a built-in preview functionality. Here, it is also possible to edit a file's metadata, including its deletion, or content, similar to the actions the quick navigation in the previous view provides. Some file types may offer direct editing of the actual file content, otherwise the regular upload functionality can be used.
- This tab provides an overview of the resources a record is linked with, which includes other records as well as collections. Collections are simple, logical groupings of multiple records, while links between records can specify their relationship. The latter can also contain additional metadata, which currently includes the name/type of the link and a timestamp. Furthermore, record links can be visualized in an interactive graph. Linking resources requires link permission in both resources that should be linked together. Note that users still won't be able to view any linked resources if they have no explicit permission to do so.
- This tab provides an overview of the access permissions granted to individual users or groups of multiple users for a specific record. New permissions can be granted if the corresponding permissions to do so are fulfilled, which currently works by using predefined roles. Details about the specific permissions and actions each role provides can be found using the Role permissions popover which is shown when managing permissions. Note that group roles are always shown to users being able to manage permissions, even if the group would normally not be visible. This way, existing group roles can always be changed and/or removed. Such group roles only contain very limited information about the group itself.
- This tab provides a history of changes to a record's metadata and its files. By clicking on View revision of a revision item, a separate view will open, providing a detailed overview of the changes that prompted the creation of this revision.
Collections represent simple, logical groupings of multiple records.
Creating new collections
Creating a new collection is similar to creating new records, except that only some basic metadata is necessary. Similarly, no files can be uploaded.
Managing existing collections
Similar to records, collections have their own navigation menu, offering different tabs for viewing and managing collections. As most of the contents are similar to those of records, only the main differences are listed in the following sections.
- This tab provides an overview of a collection, mainly related to its metadata. Additionally, the records that are part of a collection are directly listed in this overview.
- Besides linking collections to records, collections can also be linked to other collections, which is shown in this tab. This functionality can be used to create simple hierarchies of parent and child collections in order to improve the structuring of multiple resources, e.g. by representing projects and corresponding subprojects. Note that each collection may only have one parent, while the required permissions to link collections are handled similarly to other resource links.
- Besides managing the permissions of collections themselves, it is also possible to manage the roles of users and groups of all linked records in a collection in the corresponding tab. Specifically, this applies to all linked records where one can manage permissions. When selecting an empty role, the existing roles of all selected users and groups are removed instead.
Templates enable the creation of blueprints for different resources. There are multiple types of templates, which define the actual content that a template can contain. The following types of templates currently exist:
- Record templates can contain most of the metadata that can be specified for a record, including its generic extra metadata, and can be selected when creating a new record.
- Extras templates are focused on the generic extra metadata of a record. These kind of templates can be selected and combined wherever such metadata can be specified, including when creating other templates.
Creating new templates
Creating a new template is similar to creating other kinds of resources. Each template requires at least setting a title and identifier for the template itself, while the actual template data depends on the specific type of template.
Managing existing templates
Similar to other resources, templates have their own navigation menu, offering different tabs for viewing and managing templates.
In this view, all registered users of the current Kadi4Mat instance are shown. Clicking on a user leads to a separate page, which contains another navigation menu, providing access to different subpages. The respective contents of these pages are briefly described below.
- On this page it is possible to see the basic information of a user, such as username and account type. Users are able to control some of the information shown on this page via the Settings menu.
- This page shows all accessible resources that a specific user created. When looking at other users, resources that were (explicitly) shared with a user, either directly or via groups, are shown as well, including common groups.
- This is where deleted resources can be found, namely deleted records, collections, templates or groups. Resources can either be restored or deleted permanently. The latter will also happen automatically after 1 week. Note that only the creator of a resource can restore or permanently delete it, which is why this menu is only shown for the own user.
Groups can be used to group several users together, allowing for easier access management.
Creating new groups
Creating a new group is again similar to creating other resources. Aside from basic metadata, a group picture can also be uploaded, which will be shown on the group overview as well as on search result pages.
Managing existing groups
The management of existing groups is similar to other resources as well. Besides the usual contents, there are additional tabs that allow viewing resources that have been shared with a group.
This tab provides an overview of a group, mainly related to its metadata. Additionally, the members of a group are shown in this overview. Managing the members of a group is comparable to managing the access permissions of other resources, as group membership is linked to the access permissions of a group. Specifically, as long as a user has any role in a group, they are a member of this group as well, while of course also having the respective permissions their role provides within the group.Besides managing members directly, it is possible to automate the assignment of roles within a group by specifying rules with different conditions. Each rule is applied when a new user registers, but it can also be applied retroactively to all existing users.
The settings allow managing everything not directly related to the actual creation and management of resources. The navigation menu of the settings again provides access to different subpages.
- In this menu, it is possible to change basic user information, which is displayed on a user's profile. Note that some options might be disabled, depending on the type of the user account.
- In this menu, users can change their password. Depending on the type of user account this menu item may be hidden.
- In this menu, users can change their preferences regarding the behaviour or appearance of Kadi4Mat.
- Access tokens
- Creating a personal access token (PAT) gives access to the HTTP API that Kadi4Mat provides. This API makes it possible to programmatically interact with most of the resources that can be managed via the graphical user interface of Kadi4Mat by sending suitable HTTP requests to the different endpoints the API provides. Detailed information about the API can be found in Kadi4Mat's documentation.
- Connected services
- In this menu, users can manage their connections with different third party services. Each service has to be registered as a plugin in the application and can be used for different tasks, e.g. publishing resources. Note that if no services are available in the current Kadi4Mat instance, this menu item is hidden.