User Management
Description
The User Management module provides a simple interface to manage user authorization.
Privileges or access rights to the different Ambience modules can be granted to a user either by adding the user to a role that has those privileges, adding those privileges directly to the user’s set of extra privileges or both of the mentioned options.
Privileges added through roles and extra privileges are both read. For instance, if a user’s role only has the mod-dashboard privilege but the user has the mod-dashboard-edit privilege as an extra privilege, the user would benefit from both privileges.
Users must be added through this module first before privileges can be granted. Suspending user access can also be done by disabling users. This action can easily be undone by enabling disabled users.
Another option for assigning roles to existing users is to use the Role Management module. There is no difference in the effect of role assignments between assigning roles to users through the User Management module and assigning users to roles through the Role Management module.
Note that authentication is managed separately (e.g. Identity Management module or externally). The name assigned to the user through the User Management module should match the username used by the authentication mechanism to be able to successfully authorize the user.
Features
- Add user
- Edit user
- Enable and disable user
- Add and remove role
- Add and remove extra privilege
- Delete user
- Refresh list
- Search
Module Interfaces
| Interface | Description | Required Privilege |
|---|---|---|
| User Management | Allows adding, modifying and deleting users. | mod-users |
Add User
To add a user, start by clicking on the “Add” button on the upper right corner of the page.
On the “Add” panel, set the new user’s properties, roles and privileges.
Input Fields
| No. | Field | Description | Mandatory | Input Type | Constraints | Default Value |
|---|---|---|---|---|---|---|
| 1 | Name | Unique username assigned to the user that would be used as its identifier. | Y | Text field | String made of alphanumeric characters, special characters such as - dash (-) - at sign (@) - underscore (_) - full stop (.) Other special characters and symbols are not allowed. The value must not exist in the current list, regardless of status (enabled or disabled). The value is case-sensitive. |
Empty string |
| 2 | Enabled | Indicates if the user is enabled (selected) or disabled (unselected). | Y | Checkbox | True (selected) or false (unselected) | True (selected) |
| 3 | Roles | List of roles that are assigned to the user. | N | Checkbox | Multiple values can be selected. All roles are listed as available options. | No value selected |
| 4 | Extra Privileges | List of additional privileges that are assigned to the user. | N | Checkbox | Multiple values can be selected. All privileges are listed as available options. | No value selected |
Under “Properties”, key in the username to be given to the user into the “Name” field. Only the “Name” field is mandatory and it must be a unique value (not used by any other user). The user is enabled by default. Simply deselect the checkbox to disable the user.
Select any of the roles and privileges, if necessary.
Click on the “Save” button located on the upper right corner of the “Add” panel to proceed with adding the new user. Clicking on the “Cancel” button aborts the action.
Edit User
To modify an existing user’s attributes, click on the “Edit” icon under the “Actions” column corresponding the said user.
The “Edit” panel displays the selected user’s attributes. The same fields and constraints in Add User are applied.
Click on the “Save” button located on the upper right corner of the “Add” panel to proceed with saving the changes made to the existing user. Clicking on the “Cancel” button aborts the action and retains the user’s attributes prior to opening the “Edit” panel.
Note that changes would only take effect upon the next login of the affected user. It is advised that the modified user logout then login again if the said user is logged in while the changes were being made.
Enable and Disable User
Disabling a user temporarily suspends all privileges or access rights granted to the user without manually changing any of the configuration. Although deleting and disabling users have the same effect on the affected user, it is advisable to disable users instead of deleting them from Ambience for audit purposes. Disabled users would be able to login but would have no access to any module. Disabled users who attempt to login would encounter an “unknown user” message.
Enabling and disabling a user can be done through adding a new user or editing an existing user.
To enable a disabled user, select the “enabled” checkbox under “Properties” then save.
Similarly, deselect the checkbox to disable an enabled user.
Delete User
Deleting a user removes it from the records, which means another user with the same username as the deleted user can be added.
To delete an existing user from Ambience, click on the “Delete” icon under the “Actions” column corresponding the said user.
There is an option to undo the deletion. A notification with an “Undo” button appears right after clicking on the “Delete” icon.
Upon clicking on the “Undo” button, the deleted user is restored and is added back to the list of users.
Refresh List
After performing actions (e.g. add user, delete user) on the browser window/tab, the list is reloaded to display the updated data. The manual “Refresh” button is available and is particularly useful if there are others making changes on the same page and/or making changes to user assignments in the Role Management module.
The “Refresh” button is available on the upper right corner of the page. Clicking on it reloads the list of users.
Search
The search bar appears on the upper left corner of the page.
This provides an easy way to search through the user list. It is case-insensitive and displays records that have the entered search value in any of the values of the fields below:
- Name
- Roles
