The Users module provides a simple interface to manage user authorization.
Privileges or access rights to the different Ambience modules can be granted to a user either by adding the user to a role that has those privileges, adding those privileges directly to the user’s set of extra privileges or both of the mentioned options.
Privileges added through roles and extra privileges are both read. For instance, if a user’s role only has the mod-dashboard privilege but the user has the mod-dashboard-edit privilege as an extra privilege, the user would benefit from both privileges.
Users must be added through this module first before privileges can be granted. Suspending user access can also be done by disabling users. This action can easily be undone by enabling disabled users.
Another option for assigning roles to existing users is to use the Roles module. There is no difference in the effect of role assignments between assigning roles to users through the Users module and assigning users to roles through the Roles module.
Note that authentication is managed separately (e.g. Identities module or externally). The name assigned to the user through the Users module should match the username used by the authentication mechanism to be able to successfully authorize the user.
- Add user
- Edit user
- Enable and disable user
- Add and remove role
- Add and remove extra privilege
- Delete user
- Refresh list
|Users||Allows adding, modifying and deleting users.||mod-users|
To add a user, start by clicking on the “Add” button on the upper right corner of the page.
On the “Add” panel, set the new user’s properties, roles and privileges.
|Field||Description||Mandatory||Input Type||Constraints||Default Value|
|Name||Unique username assigned to the user that would be used as its identifier.||Y||Text field||String made of alphanumeric characters, special characters such as
- dash (-)
- at sign (@)
- underscore (_)
- full stop (.)
Other special characters and symbols are not allowed. The value must not exist in the current list, regardless of status (enabled or disabled). The value is case-sensitive.
|Enabled||Indicates if the user is enabled (selected) or disabled (unselected).||Y||Checkbox||True (selected) or false (unselected)||True (selected)|
|Roles||List of roles that are assigned to the user.||N||Checkbox||Multiple values can be selected. All roles are listed as available options.||No value selected|
|Extra Privileges||List of additional privileges that are assigned to the user.||N||Checkbox||Multiple values can be selected. All privileges are listed as available options.||No value selected|
Under “Properties”, key in the username to be given to the user into the “Name” field. Only the “Name” field is mandatory and it must be a unique value (not used by any other user). The user is enabled by default. Simply deselect the checkbox to disable the user.
In the “Roles” section, you can select the roles that you wish to allow access to the user. Alternatively, you can search for the role by using the search function at the top of the section. There are options to select all, select none and invert selection by clicking on their respective icons next to the search function.
In the “Extra Privileges” section, add any extra privileges by selecting the checkboxes.
Click on the “Save” button located on the upper right corner of the “Add” panel to proceed with adding the new user. Clicking on the “Cancel” button aborts the action.
To modify an existing user’s attributes, click on the “Edit” icon under the “Actions” column corresponding the said user.
The “Edit” panel displays the selected user’s attributes. The same fields and constraints in Add User are applied.
Click on the “Save” button located on the upper right corner of the “Add” panel to proceed with saving the changes made to the existing user. Clicking on the “Cancel” button aborts the action and retains the user’s attributes prior to opening the “Edit” panel.
Note that changes would only take effect upon the next login of the affected user. It is advised that the modified user logout then login again if the said user is logged in while the changes were being made.
Disabling a user temporarily suspends all privileges or access rights granted to the user without manually changing any of the configuration. Although deleting and disabling users have the same effect on the affected user, it is advisable to disable users instead of deleting them from Ambience for audit purposes. Disabled users would be able to login but would have no access to any module. Disabled users who attempt to login would encounter an “unknown user” message.
To enable a disabled user, select the “enabled” checkbox under “Properties” then save.
Similarly, deselect the checkbox to disable an enabled user.
An enabled user is indicated with a green tick while a disabled user is indicated with a red cross in the Users page under the “Enabled” column.
Deleting a user removes it from the records, which means another user with the same username as the deleted user can be added.
To delete an existing user from Ambience, click on the “Delete” icon under the “Actions” column corresponding the said user.
There is an option to undo the deletion. A notification with an “Undo” button appears right after clicking on the “Delete” icon.
Upon clicking on the “Undo” button, the deleted user is restored and is added back to the list of users.
After performing actions (e.g. add user, delete user) on the browser window/tab, the list is reloaded to display the updated data. The manual “Refresh” button is available and is particularly useful if there are others making changes on the same page and/or making changes to user assignments in the Roles module.
The “Refresh” button is available on the upper right corner of the page. Clicking on it reloads the list of users.
The search bar appears on the upper left corner of the page.
This provides an easy way to search through the user list. It is case-insensitive and displays records that have the entered search value in any of the values of the fields below: