Manage Users and Groups: Difference between revisions

From QPR ProcessAnalyzer Wiki
Jump to navigation Jump to search
No edit summary
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Manage Users''' dialog is used to create and edit users and groups and manage roles and permissions. Only users with ''ManageUsers'' permission can use manage users. When making changes to your own user's roles or user groups, in order for them to take effect, you should relogin to the product. This page contains information how to use the User Management dialog, and for more information how permissions work in conceptual level, please read [[Roles and Permissions in QPR ProcessAnalyzer]].
The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ''[[Roles_and_Permissions#Global_and_Project_Roles|ManageUsers]]'' permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read [[Roles and Permissions]].


All changes made in the Manage Users dialog are saved immediately when made. The bottom of the screen shows either '''Saving''' when saving is currently in progress and '''Saved''' when saving changes is completed.
User can be ''active'' or ''inactive''. Inactive users are not allowed to login and thus use their assigned permissions. Users can be inactivated both temporary or permanently to prevent them from login into the system. When using the built-in authentication, user not using the system anymore, need to be inactivated (as users cannot be deleted). When using the federated authentication, it's not necessary to inactivate users, because those users are anyways not able to login through the external authentication.


== Creating Users ==
The dialog shows which users have a password defined. If user has a password, the user can authenticate via the built-in authentication method. If the SAML authentication is configured, users can also authenticate via it without a password in the QPR ProcessAnalyzer user management. If users are meant to authenticate only using the SAML, it's strongly recommended to remove the password from the user management to prevent the built-in authentication method.
 
All changes made in the Manage Users dialog are effective immediately. The bottom of the screen shows either ''Saving'' when saving is currently in progress and, ''Saved'' when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system.
 
'''Effective permissions''' show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user.
 
== Creating User ==
# In the '''Manage Users''' dialog, open the '''Users''' tab, and click '''Add user'''.
# In the '''Manage Users''' dialog, open the '''Users''' tab, and click '''Add user'''.
# Fill in '''Login name''' and optionally '''Full name''' and '''Email'''. Note that each user in the system must have a different login name.
# Fill in '''Login name''' and optionally '''Full name''' and '''Email'''. Note that each user in the system must have a different login name.
Line 10: Line 16:
== Editing User Information ==
== Editing User Information ==
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user from the table and click the '''Edit''' button.
# Select a user from the table and click the '''Edit''' button (or double-click the user in the table).
# Change the user information and click the '''Save''' button.
# Change the user information and click the '''Save''' button.
== Setting User Password ==
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user from the left-side table and click '''Change password'''.
# Define a password for the user and confirm the password.
# Click the '''Change Password''' button.
== Removing User Password ==
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user (or several users) from the left-side table and click '''Remove password'''.
# Click the '''Remove''' button in the confirmation dialog.
It's recommended to remove password from users that switch to use the SAML authentication, and thus don't need to authenticate using the built-in method.


== Editing User Description ==
== Editing User Description ==
# In the ''Manage Users'' dialog, open the ''Users'' tab.
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user from the table and click ''Edit description''.
# Select a user from the table and click '''Edit description'''.
# Change the user description and click the ''Apply'' button.
# Change the user description and click the '''Save''' button.


== Creating Groups ==
== Creating Groups ==
Line 25: Line 44:
== Editing Group Information ==
== Editing Group Information ==
# In the '''Manage Users''' dialog, open the '''Groups''' tab.
# In the '''Manage Users''' dialog, open the '''Groups''' tab.
# Select a group from the table and click the '''Edit''' button.
# Select a group from the table and click the '''Edit''' button (or double-click the group in the table).
# Change the group information and click the '''Save''' button.
# Change the group information and click the '''Save''' button.


Line 31: Line 50:
# In the '''Manage Users''' dialog, open the '''Groups''' tab.
# In the '''Manage Users''' dialog, open the '''Groups''' tab.
# Select a group from the table and click '''Edit description'''.
# Select a group from the table and click '''Edit description'''.
# Change the group description and click the '''Apply''' button.
# Change the group description and click the '''Save''' button.


== Adding User to Groups ==
== Adding Specific User to Groups ==
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user from the left table.
# Select a user from the left-side table.
# In the '''User belongs to groups''' table, click the '''Add to group''' button.
# In the '''User belongs to groups''' table, click the '''Add to group''' button.
# Select the group and the '''Membership type''', and click the '''Save''' button.
# Select a group and '''Membership type''', and click the '''Save''' button.


Note that a certain user can be added to a certain group only once.
Notes:
* You can edit an existing memberships by selecting it from the table and clicking the '''Edit''' button.
* You can delete an existing memberships by selecting it from the table and clicking the '''Delete''' button.
* You can cancel the editing by clicking the '''Cancel'' button.
* The ''Membership type'' is usually ''Member'' (other membership types are for legacy use cases).
* Note that a user can be added to a group only once.


== Adding Users to Group ==
== Adding Users to Specific Group ==
# In the '''Manage Users''' dialog, open the ''Groups'' tab.
# In the '''Manage Users''' dialog, open the ''Groups'' tab.
# Select a group from the left table.
# Select a group from the left-side table.
# In the '''Group contains users''' table, click the '''Add user to group''' button.
# In the '''Group contains users''' table, click the '''Add user to group''' button.
# Select the user and the '''Membership type''', and click the '''Save''' button.
# Select a user and '''Membership type''', and click the '''Save''' button.


Note that a certain user can be added to a certain group only once.
See also notes in the [[#Adding Specific User to Groups|Adding Specific User to Groups]] section.


== Assigning Project-Level Permissions to Users and Groups ==
== Assigning Project-Level Roles to Users and Groups ==
# In the ''Manage Users'' dialog, open the ''Users'' tab (or '''Groups''' tab if assigning permissions to a group).
# In the ''Manage Users'' dialog, open the ''Users'' tab (or '''Groups''' tab if assigning permissions to a group).
# Select a user or a group from the left table.
# Select a user/group from the left-side table.
# In the '''Project roles of user/group''' table, click the '''Assign role for project''' button.
# In the '''Project roles of user/group''' table, click the '''Assign role for project''' button.
# Select the project and the '''Role''', and click the '''Save''' button.
# Select a project and '''Role''', and click the '''Save''' button.


You can also edit an existing role assignment by selecting it from the table and clicking the '''Edit''' button.
Notes:
* You can edit an existing role assignment by selecting it from the table and clicking the '''Edit''' button.
* You can delete an existing role assignment by selecting it from the table and clicking the '''Delete''' button.
* You can cancel the role assignment editing by clicking the '''Cancel'' button.
* User can have several roles for a project.


Note that a certain user can have several roles for a certain project.
== Assigning Global Roles to Users and Groups ==
 
== Assigning Global Permissions ==
# In the ''Manage Users'' dialog, open the ''Users'' tab (or '''Groups''' tab if assigning permissions to a group).
# In the ''Manage Users'' dialog, open the ''Users'' tab (or '''Groups''' tab if assigning permissions to a group).
# Select a user or a group from the left table.
# Select a user/group from the left-side table.
# In the '''Global roles of user/group''' section, click one of the global role checkboxes. Changes are saved.
# In the '''Global roles of user/group''' section, check/uncheck one of the global role checkboxes. Changes are saved.


== Inactivating Users ==
== Inactivating Users ==
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select one or several users to be inactivated from the table, and click the '''Inactivate users''' button.
# Select one or several users to be inactivated from the left-side table, and click the '''Inactivate users''' button.
# In the confirmation dialog, click the '''Inactivate''' button.
# In the confirmation dialog, click the '''Inactivate''' button.
In QPR ProcessAnalyzer users cannot be removed (to preserve the audit data). Instead if user is not using the system anymore, the user account needs to be inactivated. Inactive users cannot login to the system.
Note that inactive users information cannot be changed - the user needs to be activated first.


== Activating Users ==
== Activating Users ==
Line 74: Line 104:
# In the confirmation dialog, click the '''Activate''' button.
# In the confirmation dialog, click the '''Activate''' button.


== Setting User Password ==
== Checking User or Project Effective Permissions ==
# In the '''Manage Users''' dialog and open the '''Users''' tab.
# Select a user from the table and click '''Set password'''.
# Define a password for the user and confirm the password.
# Click the '''Change Password''' button.
 
== Checking User and Project Effective Permissions ==
# In the '''Manage Users''' dialog, open the '''Effective permissions''' tab.
# In the '''Manage Users''' dialog, open the '''Effective permissions''' tab.
# Select either a project from the '''Project''' list or a user from the '''User''' list.
# Select either a project from the '''Project''' list or a user from the '''User''' list.
# Table showing the effective permissions for the selected project or user is shown.
# Table is showing the effective permissions for the selected project or user.
 
The effective permissions show the actual permission that users have when using the system. The effective permissions are calculated by taking into account or permissions that are in the groups of the user and permissions that are assigned directly to the user.


When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual [[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Global_and_Project_Roles|permissions]] that each user has. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual [[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Global_and_Project_Roles|permissions]] for each of the projects.  
When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual [[Roles_and_Permissions#Global_and_Project_Roles|permissions]] for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual [[Roles_and_Permissions#Global_and_Project_Roles|permissions]] for each project.  


[[Category: QPR ProcessAnalyzer]]
[[Category: QPR ProcessAnalyzer]]

Latest revision as of 15:30, 10 February 2024

The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ManageUsers permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read Roles and Permissions.

User can be active or inactive. Inactive users are not allowed to login and thus use their assigned permissions. Users can be inactivated both temporary or permanently to prevent them from login into the system. When using the built-in authentication, user not using the system anymore, need to be inactivated (as users cannot be deleted). When using the federated authentication, it's not necessary to inactivate users, because those users are anyways not able to login through the external authentication.

The dialog shows which users have a password defined. If user has a password, the user can authenticate via the built-in authentication method. If the SAML authentication is configured, users can also authenticate via it without a password in the QPR ProcessAnalyzer user management. If users are meant to authenticate only using the SAML, it's strongly recommended to remove the password from the user management to prevent the built-in authentication method.

All changes made in the Manage Users dialog are effective immediately. The bottom of the screen shows either Saving when saving is currently in progress and, Saved when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system.

Effective permissions show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user.

Creating User

  1. In the Manage Users dialog, open the Users tab, and click Add user.
  2. Fill in Login name and optionally Full name and Email. Note that each user in the system must have a different login name.
  3. Click the Add user button.

Editing User Information

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the table and click the Edit button (or double-click the user in the table).
  3. Change the user information and click the Save button.

Setting User Password

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the left-side table and click Change password.
  3. Define a password for the user and confirm the password.
  4. Click the Change Password button.

Removing User Password

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user (or several users) from the left-side table and click Remove password.
  3. Click the Remove button in the confirmation dialog.

It's recommended to remove password from users that switch to use the SAML authentication, and thus don't need to authenticate using the built-in method.

Editing User Description

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the table and click Edit description.
  3. Change the user description and click the Save button.

Creating Groups

  1. In the Manage Users dialog, open the Groups tab, and click Add group.
  2. Fill in Group name and optionally Email. Note that each group in the system must have a different name.
  3. Click the Add group button.

Editing Group Information

  1. In the Manage Users dialog, open the Groups tab.
  2. Select a group from the table and click the Edit button (or double-click the group in the table).
  3. Change the group information and click the Save button.

Editing Group Description

  1. In the Manage Users dialog, open the Groups tab.
  2. Select a group from the table and click Edit description.
  3. Change the group description and click the Save button.

Adding Specific User to Groups

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the left-side table.
  3. In the User belongs to groups table, click the Add to group button.
  4. Select a group and Membership type, and click the Save button.

Notes:

  • You can edit an existing memberships by selecting it from the table and clicking the Edit button.
  • You can delete an existing memberships by selecting it from the table and clicking the Delete button.
  • You can cancel the editing by clicking the 'Cancel button.
  • The Membership type is usually Member (other membership types are for legacy use cases).
  • Note that a user can be added to a group only once.

Adding Users to Specific Group

  1. In the Manage Users dialog, open the Groups tab.
  2. Select a group from the left-side table.
  3. In the Group contains users table, click the Add user to group button.
  4. Select a user and Membership type, and click the Save button.

See also notes in the Adding Specific User to Groups section.

Assigning Project-Level Roles to Users and Groups

  1. In the Manage Users dialog, open the Users tab (or Groups tab if assigning permissions to a group).
  2. Select a user/group from the left-side table.
  3. In the Project roles of user/group table, click the Assign role for project button.
  4. Select a project and Role, and click the Save button.

Notes:

  • You can edit an existing role assignment by selecting it from the table and clicking the Edit button.
  • You can delete an existing role assignment by selecting it from the table and clicking the Delete button.
  • You can cancel the role assignment editing by clicking the 'Cancel button.
  • User can have several roles for a project.

Assigning Global Roles to Users and Groups

  1. In the Manage Users dialog, open the Users tab (or Groups tab if assigning permissions to a group).
  2. Select a user/group from the left-side table.
  3. In the Global roles of user/group section, check/uncheck one of the global role checkboxes. Changes are saved.

Inactivating Users

  1. In the Manage Users dialog, open the Users tab.
  2. Select one or several users to be inactivated from the left-side table, and click the Inactivate users button.
  3. In the confirmation dialog, click the Inactivate button.

In QPR ProcessAnalyzer users cannot be removed (to preserve the audit data). Instead if user is not using the system anymore, the user account needs to be inactivated. Inactive users cannot login to the system.

Note that inactive users information cannot be changed - the user needs to be activated first.

Activating Users

  1. In the Manage Users dialog, open the Inactive users tab.
  2. Select one or several users to be activated from the table, and click the Activate users button.
  3. In the confirmation dialog, click the Activate button.

Checking User or Project Effective Permissions

  1. In the Manage Users dialog, open the Effective permissions tab.
  2. Select either a project from the Project list or a user from the User list.
  3. Table is showing the effective permissions for the selected project or user.

When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual permissions for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual permissions for each project.