Manage Users and Groups: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| (25 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ''[[Roles_and_Permissions#Global_and_Project_Roles|ManageUsers]]'' permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read [[Roles and Permissions]]. | |||
User can be ''active'' or ''inactive''. Inactive users are not allowed to login and thus use their assigned permissions. Users can be inactivated both temporary or permanently to prevent them from login into the system. When using the built-in authentication, user not using the system anymore, need to be inactivated (as users cannot be deleted). When using the federated authentication, it's not necessary to inactivate users, because those users are anyways not able to login through the external authentication. | |||
The dialog shows which users have a password defined. If user has a password, the user can authenticate via the built-in authentication method. If the SAML authentication is configured, users can also authenticate via it without a password in the QPR ProcessAnalyzer user management. If users are meant to authenticate only using the SAML, it's strongly recommended to remove the password from the user management to prevent the built-in authentication method. | |||
All changes made in the Manage Users dialog are effective immediately. The bottom of the screen shows either ''Saving'' when saving is currently in progress and, ''Saved'' when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system. | |||
'''Effective permissions''' show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user. | |||
== | == Creating User == | ||
# In the '''Manage Users''' dialog, open the '''Users''' tab, and click '''Add user'''. | |||
# Fill in '''Login name''' and optionally '''Full name''' and '''Email'''. Note that each user in the system must have a different login name. | |||
# Click the '''Add user''' button. | |||
== | == Editing User Information == | ||
# In the '''Manage Users''' dialog, open the '''Users''' tab. | |||
# Select a user from the table and click the '''Edit''' button (or double-click the user in the table). | |||
# Change the user information and click the '''Save''' button. | |||
== | == Setting User Password == | ||
# In the '''Manage Users''' dialog, open the '''Users''' tab. | |||
# Select a user from the left-side table and click '''Change password'''. | |||
# Define a password for the user and confirm the password. | |||
# Click the '''Change Password''' button. | |||
== Removing User Password == | |||
# In the '''Manage Users''' dialog, open the '''Users''' tab. | |||
# Select a user (or several users) from the left-side table and click '''Remove password'''. | |||
# Click the '''Remove''' button in the confirmation dialog. | |||
It's recommended to remove password from users that switch to use the SAML authentication, and thus don't need to authenticate using the built-in method. | |||
== Editing User Description == | |||
# In the '''Manage Users''' dialog, open the '''Users''' tab. | |||
# Select a user from the table and click '''Edit description'''. | |||
# Change the user description and click the '''Save''' button. | |||
== Creating Groups == | |||
# In the '''Manage Users''' dialog, open the '''Groups''' tab, and click '''Add group'''. | |||
# Fill in '''Group name''' and optionally '''Email'''. Note that each group in the system must have a different name. | |||
# Click the '''Add group''' button. | |||
== Editing Group Information == | |||
# In the '''Manage Users''' dialog, open the '''Groups''' tab. | |||
# Select a group from the table and click the '''Edit''' button (or double-click the group in the table). | |||
# Change the group information and click the '''Save''' button. | |||
== | == Editing Group Description == | ||
# In the '''Manage Users''' dialog, open the '''Groups''' tab. | |||
# Select a group from the table and click '''Edit description'''. | |||
# Change the group description and click the '''Save''' button. | |||
== Adding Specific User to Groups == | |||
# In the '''Manage Users''' dialog, open the '''Users''' tab. | |||
# Select a user from the left-side table. | |||
# In the '''User belongs to groups''' table, click the '''Add to group''' button. | |||
# Select a group and '''Membership type''', and click the '''Save''' button. | |||
Notes: | |||
* You can edit an existing memberships by selecting it from the table and clicking the '''Edit''' button. | |||
* You can delete an existing memberships by selecting it from the table and clicking the '''Delete''' button. | |||
* You can cancel the editing by clicking the '''Cancel'' button. | |||
* The ''Membership type'' is usually ''Member'' (other membership types are for legacy use cases). | |||
* Note that a user can be added to a group only once. | |||
== Adding Users to Specific Group == | |||
# In the '''Manage Users''' dialog, open the ''Groups'' tab. | |||
# Select a group from the left-side table. | |||
# In the '''Group contains users''' table, click the '''Add user to group''' button. | |||
# Select a user and '''Membership type''', and click the '''Save''' button. | |||
See also notes in the [[#Adding Specific User to Groups|Adding Specific User to Groups]] section. | |||
== Assigning Project-Level Roles to Users and Groups == | |||
# In the ''Manage Users'' dialog, open the ''Users'' tab (or '''Groups''' tab if assigning permissions to a group). | |||
# Select a user/group from the left-side table. | |||
# In the '''Project roles of user/group''' table, click the '''Assign role for project''' button. | |||
# Select a project and '''Role''', and click the '''Save''' button. | |||
Notes: | |||
* You can edit an existing role assignment by selecting it from the table and clicking the '''Edit''' button. | |||
* You can delete an existing role assignment by selecting it from the table and clicking the '''Delete''' button. | |||
* You can cancel the role assignment editing by clicking the '''Cancel'' button. | |||
* User can have several roles for a project. | |||
== Assigning Global Roles to Users and Groups == | |||
# In the ''Manage Users'' dialog, open the ''Users'' tab (or '''Groups''' tab if assigning permissions to a group). | |||
# Select a user/group from the left-side table. | |||
# In the '''Global roles of user/group''' section, check/uncheck one of the global role checkboxes. Changes are saved. | |||
== Inactivating Users == | |||
# In the '''Manage Users''' dialog, open the '''Users''' tab. | |||
# Select one or several users to be inactivated from the left-side table, and click the '''Inactivate users''' button. | |||
# In the confirmation dialog, click the '''Inactivate''' button. | |||
In QPR ProcessAnalyzer users cannot be removed (to preserve the audit data). Instead if user is not using the system anymore, the user account needs to be inactivated. Inactive users cannot login to the system. | |||
Note that inactive users information cannot be changed - the user needs to be activated first. | |||
== Activating Users == | |||
# In the '''Manage Users''' dialog, open the '''Inactive users''' tab. | |||
# Select one or several users to be activated from the table, and click the '''Activate users''' button. | |||
# In the confirmation dialog, click the '''Activate''' button. | |||
== Checking User or Project Effective Permissions == | |||
# In the '''Manage Users''' dialog, open the '''Effective permissions''' tab. | |||
# Select either a project from the '''Project''' list or a user from the '''User''' list. | |||
# Table is showing the effective permissions for the selected project or user. | |||
When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual [[Roles_and_Permissions#Global_and_Project_Roles|permissions]] for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual [[Roles_and_Permissions#Global_and_Project_Roles|permissions]] for each project. | |||
[[Category: QPR ProcessAnalyzer]] | [[Category: QPR ProcessAnalyzer]] | ||
Latest revision as of 15:30, 10 February 2024
The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ManageUsers permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read Roles and Permissions.
User can be active or inactive. Inactive users are not allowed to login and thus use their assigned permissions. Users can be inactivated both temporary or permanently to prevent them from login into the system. When using the built-in authentication, user not using the system anymore, need to be inactivated (as users cannot be deleted). When using the federated authentication, it's not necessary to inactivate users, because those users are anyways not able to login through the external authentication.
The dialog shows which users have a password defined. If user has a password, the user can authenticate via the built-in authentication method. If the SAML authentication is configured, users can also authenticate via it without a password in the QPR ProcessAnalyzer user management. If users are meant to authenticate only using the SAML, it's strongly recommended to remove the password from the user management to prevent the built-in authentication method.
All changes made in the Manage Users dialog are effective immediately. The bottom of the screen shows either Saving when saving is currently in progress and, Saved when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system.
Effective permissions show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user.
Creating User
- In the Manage Users dialog, open the Users tab, and click Add user.
- Fill in Login name and optionally Full name and Email. Note that each user in the system must have a different login name.
- Click the Add user button.
Editing User Information
- In the Manage Users dialog, open the Users tab.
- Select a user from the table and click the Edit button (or double-click the user in the table).
- Change the user information and click the Save button.
Setting User Password
- In the Manage Users dialog, open the Users tab.
- Select a user from the left-side table and click Change password.
- Define a password for the user and confirm the password.
- Click the Change Password button.
Removing User Password
- In the Manage Users dialog, open the Users tab.
- Select a user (or several users) from the left-side table and click Remove password.
- Click the Remove button in the confirmation dialog.
It's recommended to remove password from users that switch to use the SAML authentication, and thus don't need to authenticate using the built-in method.
Editing User Description
- In the Manage Users dialog, open the Users tab.
- Select a user from the table and click Edit description.
- Change the user description and click the Save button.
Creating Groups
- In the Manage Users dialog, open the Groups tab, and click Add group.
- Fill in Group name and optionally Email. Note that each group in the system must have a different name.
- Click the Add group button.
Editing Group Information
- In the Manage Users dialog, open the Groups tab.
- Select a group from the table and click the Edit button (or double-click the group in the table).
- Change the group information and click the Save button.
Editing Group Description
- In the Manage Users dialog, open the Groups tab.
- Select a group from the table and click Edit description.
- Change the group description and click the Save button.
Adding Specific User to Groups
- In the Manage Users dialog, open the Users tab.
- Select a user from the left-side table.
- In the User belongs to groups table, click the Add to group button.
- Select a group and Membership type, and click the Save button.
Notes:
- You can edit an existing memberships by selecting it from the table and clicking the Edit button.
- You can delete an existing memberships by selecting it from the table and clicking the Delete button.
- You can cancel the editing by clicking the 'Cancel button.
- The Membership type is usually Member (other membership types are for legacy use cases).
- Note that a user can be added to a group only once.
Adding Users to Specific Group
- In the Manage Users dialog, open the Groups tab.
- Select a group from the left-side table.
- In the Group contains users table, click the Add user to group button.
- Select a user and Membership type, and click the Save button.
See also notes in the Adding Specific User to Groups section.
Assigning Project-Level Roles to Users and Groups
- In the Manage Users dialog, open the Users tab (or Groups tab if assigning permissions to a group).
- Select a user/group from the left-side table.
- In the Project roles of user/group table, click the Assign role for project button.
- Select a project and Role, and click the Save button.
Notes:
- You can edit an existing role assignment by selecting it from the table and clicking the Edit button.
- You can delete an existing role assignment by selecting it from the table and clicking the Delete button.
- You can cancel the role assignment editing by clicking the 'Cancel button.
- User can have several roles for a project.
Assigning Global Roles to Users and Groups
- In the Manage Users dialog, open the Users tab (or Groups tab if assigning permissions to a group).
- Select a user/group from the left-side table.
- In the Global roles of user/group section, check/uncheck one of the global role checkboxes. Changes are saved.
Inactivating Users
- In the Manage Users dialog, open the Users tab.
- Select one or several users to be inactivated from the left-side table, and click the Inactivate users button.
- In the confirmation dialog, click the Inactivate button.
In QPR ProcessAnalyzer users cannot be removed (to preserve the audit data). Instead if user is not using the system anymore, the user account needs to be inactivated. Inactive users cannot login to the system.
Note that inactive users information cannot be changed - the user needs to be activated first.
Activating Users
- In the Manage Users dialog, open the Inactive users tab.
- Select one or several users to be activated from the table, and click the Activate users button.
- In the confirmation dialog, click the Activate button.
Checking User or Project Effective Permissions
- In the Manage Users dialog, open the Effective permissions tab.
- Select either a project from the Project list or a user from the User list.
- Table is showing the effective permissions for the selected project or user.
When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual permissions for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual permissions for each project.