To illustrate some of the aspects, the Engine UI is used here. However, each of the steps shown below can also be achieved with the help of custom clients.
GAMS Engine comes with a highly flexible model- and user management system that allows you to restrict the activities of your users according to your organizational hierarchy. To understand this in its entirety, we need to address a few concepts in more detail: models, namespaces, permissions and user types.
To illustrate some of the aspects, the Engine UI is used here. However, each of the steps shown below can also be achieved with the help of custom clients.
When submitting a GAMS job, it usually consists of model files and data files. While the latter usually differ with each job, the actual GAMS model remains mostly unchanged. In order to avoid submitting the same files to Engine with each job, models can be registered with Engine. Files of registered models are stored by Engine and used for subsequent jobs. You only need to provide the name under which the model is registered and send the dynamic data.
If a job submit includes files that are already stored as part of the registered model at Engine, the files submitted by the user will be used.
Models are organized in namespaces, which you can think of as file directories. Models are always registered in a namespace and submitted GAMS jobs are also executed there. Each model name can only occur once within a namespace. If two models with the same name are to be registered, this must be done in different namespaces. Apart from the ability to manage multiple models with the same name, namespaces are particularly useful for representing hierarchical (user) structures. This is due to an important property of namespaces, namely the concept of permissions.
Namespaces are similar to directories in the UNIX file system: you can specify which users have access to which namespaces. Just like the UNIX file system, GAMS Engine has three types of permissions on namespaces:Permission Code | Read Permission | Write Permission | Execute Permission |
---|---|---|---|
0 | - | - | - |
1 | - | - | |
2 | - | - | |
3 | - | ||
4 | - | - | |
5 | - | ||
6 | - | ||
7 |
In the following example, two namespaces are used by three people with different permissions to represent the structure and workflow of a company with a customer.
By default, the result files to which the customer has access also contain the model files. In order to restrict a user from accessing your model files, you have to specify a proper INEX file in addition to revoking read permission from this user!
After setting up GAMS Engine, there is a single namespace available with the name: global. Adding namespaces as well as registering models can easily be done via the Engine UI in the Models view.
After first installing the system, there is a single default user available with the name: admin and password: admin.
We strongly recommend that you change the default password for the admin user immediately after installing Engine to prevent unauthorized users from accessing your system!
If you are administrator, you can invite other users. If you are using the Engine UI, you will find an invite user button in the upper right corner of the Users section.
GAMS Engine distinguishes three types of users:
In order to add a new user to GAMS Engine, you need to generate an invitation code. Users can then register themselves by providing this invitation code, a username and a password. Invitation codes can be generated by administrators and inviters. When creating an invitation code, permissions to namespaces can be assigned so that the new user can start interacting with the system directly. Note that the invitee's permissions may be lower than the inviter's, but not higher. Furthermore, inviters are able to manage - i.e. modify permissions and delete - their children (invitees) as well as any grandchildren. In this way, you can set up several hierarchy levels.
User hierarchy example:
Result data is not automatically deleted by Engine. Over time, the storage usage on the server can grow accordingly. It is up to the admin to ensure that result data is deleted if necessary. The Engine API provides a cleanup endpoint for this.
If you are working with the Engine UI you can reduce the amount of storage used by GAMS Engine via the cleanup view. You can either remove result files of individual jobs one by one or clean up multiple files at once with the Run housekeeping dialog. This allows you to remove all files created more than x days ago and/or files created by users who have been removed from the system.