Group Concept
General
VSETH IT consists of a variety of services and applications. By using the SWITCH AAI login, it is possible to login to all tools via a single account. Within a tool (such as the VSETH Wiki, for example), permissions must also be assigned so that certain users can carry out certain actions but not others (for example, ISG has permission to edit this page, while you, dear reader, may only view it). Compared to a company, VSETH has a very high fluctuation of active users. For this reason, authorisations are not linked to individuals but to groups. If there are personnel changes within a group, their authorizations are also automatically adjusted when the members are changed. This system minimises the effort and ensures a better overview and up-to-dateness. If this was not clear now, an example follows and the structure of the organisational structure is explained in more detail.
Example
Andrea Müller is a new member of the VSETH board and is responsible for communications. In user administration, she is added to the vseth-0308-vsethkomu group. This is a subgroup of the VSETH board. She is therefore automatically a member of the parent group board and also has the rights of a VSETH board member, such as access to the board folder on the storage. she also belongs to the communication group and has all the rights associated with it, such as the Newsletter tool. If she leaves VSETH, she is removed from the vseth-0308-vsethkomu group and thus loses her rights in communication and all groups above it, such as the VSETH board (vseth-0300-vs).
Processes
In essence, when issuing authorisations, the VSETH ISG distinguishes between two processes:
- Linking authorisations to a group (for example, the board of committee X, may edit a certain area in the Wiki).
- Adding a person to a group.
Since the second process is much more common, it makes sense to separate the two processes. A change to a group membership is much less time-consuming than assigning a permission to a group.
Design of the Organisational Structure
The exact organisational structure may be viewed at groups.vseth.ethz.ch at any time.
How it is structured is briefly explained here.
Group hierarchy: Users of a subgroup automatically belong to the parent group as well. This also means that users added in a subgroup receive all permissions from the parent group.
VSETH consists of the association and the student organisations (StudOrgs). The StudOrgs include the Associated Organizations (AsOrgs), the Recognized Organizations (AnOrgs) and the Partner Organizations, which are currently are the VSUZH and AGEPoly.
The association is further divided into executive, legislative, judicial and student associations. These are further divided into subgroups. In the judiciary there is the Business Audit Commission (GPK). The Members' Council (MR) and the Student Association Council (FR) belong to the Legislative. The 17 student associations are brought together under a separate consolidation level. The executive body includes 7 consolidation levels, sometimes e.g. the VSETH Executive Board or all 19 committees. A single committee is an example of an organisational unit.
Group naming
The hierarchical position of a group may be deduced from its name.
- It consists of three parts, each separated by "-".
- Group names are made up of only lower case letters, numbers and "-".
- The dash "-" is only used for separating hierarchical markers.