diff --git a/docs/src/content/docs/deployment/production.mdx b/docs/src/content/docs/deployment/production.mdx index 09ea2e07..f5f50a34 100644 --- a/docs/src/content/docs/deployment/production.mdx +++ b/docs/src/content/docs/deployment/production.mdx @@ -54,7 +54,7 @@ The following default settings in the `.env` file should be changed when deployi | value in prod environment | Notes | |------------------------------------------------------------------------------------------|---------------| | `CANDIG_DOMAIN=` | Update to correct prod domain | -| `CANDIG_INTERNAL_DOMAIN=${CANDIG_DOMAIN}` or `internal ip address` | Some sites have needed to change this to `127.0.0.1` | +| `CANDIG_INTERNAL_DOMAIN=${CANDIG_DOMAIN}` or `internal ip address` | Some sites have needed to change this to `127.0.0.1` | | `CANDIG_AUTH_DOMAIN=` | Update to correct prod auth domain | | `CANDIG_SITE_LOCATION=` | e.g. UHN, BC-Dev The name of your site, should be unique within a federation. | | `CANDIG_DEBUG_MODE=0` | Turn off DEBUG mode | @@ -71,6 +71,8 @@ The following default settings in the `.env` file should be changed when deployi | `TYK_ANALYTICS_FROM_EMAIL=YOUR-ADMIN-EMAIL@email.ca` | Update to a relevant email addresss | | `TYK_USE_SSL=true` | ensure tyk uses SSL | | `CANDIG_DATA_PORTAL_URL=https://${CANDIG_DOMAIN}:${CANDIG_DATA_PORTAL_PORT}/data-portal` | ensure dataportal url has https | +| `CANDIG_DATA_PORTAL_SUPPORT_EMAIL=YOUR_SITE_ADMIN_SUPPORT_EMAIL` | Update the value to a valid email that will deal with user requests to access to the portal | +| `DIR_PERMISSIONS=775` | You may not need to change the default here but be aware that this gives anyone in the group of the person that deployed the current instance the ability to recompose services and rebuild the stack | ### Setting location information diff --git a/docs/src/content/docs/deployment/user-roles.mdx b/docs/src/content/docs/deployment/user-roles.mdx index 14453fa7..56645e5a 100644 --- a/docs/src/content/docs/deployment/user-roles.mdx +++ b/docs/src/content/docs/deployment/user-roles.mdx @@ -16,7 +16,7 @@ Team members and Authorized users are similar in that they can only be granted a A summary of what each user role can do in CanDIG is in the table below. The full technical breakdown of which endpoints each user can access is controlled through opa and is found in [`paths.json`](https://github.com/CanDIG/candig-opa/blob/develop/defaults/paths.json) | Role | Register a new program | Edit authorized users in an existing program | ingest/delete data | view ingested data | -|---------------|-------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------| +|-----------------|-------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------|----------------------------------------------------------------------------| | Site admin | | | | | | Site curator | | | | | | Program curator | | (authorized programs) | (authorized programs) | (authorized programs) |