User Structures: before and after the Conceptual Model
Creating the conceptual model in a TerraAmazon database changes the internal user structure. When a new database is created, it is not yet a TerraAmazon database, but a TerraLib model database. A TerraLib database can be accessed by every TerraFamily software.
Once the conceptual model is created, the database becomes a TerraAmazon model database. It is still possible to access such database with other TerraFamily software, but TerraAmazon features will not be available, such as users and projects, among others.
Two concepts of users must be described for best understanding user structure changes: DBMS Users and DB Users.
DBMS Users: taking PostgreSQL DBMS as an example, a DBMS User is a login role defined inside PostgreSQL. The PostgreSQL installation creates one DBMS user and after that, new DBMS users can be created and removed inside PostgreSQL at any time without any relation with TerraAmazon.
DB Users: TerraAmazon database users are created inside TerraAmazon and their user names and passwords are stored in a table inside the database. DB Users only exist after creating the conceptual model. Removing an entire TerraAmazon database also removes its DB Users, but does not remove DBMS Users.
Only DBMS Users can create new databases. Before the conceptual model is created, they are also the only ones with access to the database. They log in TerraAmazon with Administrator privileges.
As a result of the creation of the conceptual model, the first DB User is created with the same user name and password of the DBMS user that created the conceptual model. Since this user is not the DBMS user, the password can be changed afterwards through the proper interface without having any sort of effect on the DBMS user that created the conceptual model. After that, only this first DB user and those created by him can access the database.
The following scheme shows how the user structure changes.
Box 1: To understand the scheme, consider a DBMS with two users: User A and User B. Both users can either create or connect to new TerraLib databases through TerraAmazon interface. DBMS Users A and B log in TerraAmazon with Administrator privileges.
Box 2: As an example, consider that User A creates the conceptual model.
Box 3: as a result from the previous box, the TerraLib database changes to a TerraAmazon model database and the first DB user is created also named User A. From this point on, the DBMS users User A and User B can no longer connect to the database. The new DB User A also has administrator privileges and can create other Administrator Users as well as Operator Users.
Box 4: Administrator users created by the first DB user User A can also create users.
Box 5: Operator users are created by any administrator user after the creation of the conceptual model.