Manage Users and Groups: Difference between revisions

From QPR ProcessAnalyzer Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ''[[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Global_and_Project_Roles|ManageUsers]]'' permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read [[Roles and Permissions in QPR ProcessAnalyzer]].
The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ''[[Roles_and_Permissions#Global_and_Project_Roles|ManageUsers]]'' permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read [[Roles and Permissions]].


All changes made in the Manage Users dialog are saved immediately. The bottom of the screen shows either ''Saving'' when saving is currently in progress and, ''Saved'' when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system.
User can be ''active'' or ''inactive''. Inactive users are not allowed to login and thus use their assigned permissions. Users can be inactivated both temporary or permanently to prevent them from login into the system. When using the built-in authentication, user not using the system anymore, need to be inactivated (as users cannot be deleted). When using the federated authentication, it's not necessary to inactivate users, because those users are anyways not able to login through the external authentication.
 
The dialog shows which users have a password defined. If user has a password, the user can authenticate via the built-in authentication method. If the SAML authentication is configured, users can also authenticate via it without a password in the QPR ProcessAnalyzer user management. If users are meant to authenticate only using the SAML, it's strongly recommended to remove the password from the user management to prevent the built-in authentication method.
 
All changes made in the Manage Users dialog are effective immediately. The bottom of the screen shows either ''Saving'' when saving is currently in progress and, ''Saved'' when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system.


'''Effective permissions''' show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user.
'''Effective permissions''' show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user.


== Creating Users ==
== Creating User ==
# In the '''Manage Users''' dialog, open the '''Users''' tab, and click '''Add user'''.
# In the '''Manage Users''' dialog, open the '''Users''' tab, and click '''Add user'''.
# Fill in '''Login name''' and optionally '''Full name''' and '''Email'''. Note that each user in the system must have a different login name.
# Fill in '''Login name''' and optionally '''Full name''' and '''Email'''. Note that each user in the system must have a different login name.
Line 16: Line 20:


== Setting User Password ==
== Setting User Password ==
# In the '''Manage Users''' dialog and open the '''Users''' tab.
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user from the left-side table and click '''Change password'''.
# Select a user from the left-side table and click '''Change password'''.
# Define a password for the user and confirm the password.
# Define a password for the user and confirm the password.
# Click the '''Change Password''' button.
# Click the '''Change Password''' button.
== Removing User Password ==
# In the '''Manage Users''' dialog, open the '''Users''' tab.
# Select a user (or several users) from the left-side table and click '''Remove password'''.
# Click the '''Remove''' button in the confirmation dialog.
It's recommended to remove password from users that switch to use the SAML authentication, and thus don't need to authenticate using the built-in method.


== Editing User Description ==
== Editing User Description ==
Line 84: Line 95:
# In the confirmation dialog, click the '''Inactivate''' button.
# In the confirmation dialog, click the '''Inactivate''' button.


Note that inactive users cannot be edited. Use needs to be activated to edit the user.
In QPR ProcessAnalyzer users cannot be removed (to preserve the audit data). Instead if user is not using the system anymore, the user account needs to be inactivated. Inactive users cannot login to the system.
 
Note that inactive users information cannot be changed - the user needs to be activated first.


== Activating Users ==
== Activating Users ==
Line 96: Line 109:
# Table is showing the effective permissions for the selected project or user.
# Table is showing the effective permissions for the selected project or user.


When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual [[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Global_and_Project_Roles|permissions]] for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual [[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Global_and_Project_Roles|permissions]] for each project.  
When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual [[Roles_and_Permissions#Global_and_Project_Roles|permissions]] for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual [[Roles_and_Permissions#Global_and_Project_Roles|permissions]] for each project.  


[[Category: QPR ProcessAnalyzer]]
[[Category: QPR ProcessAnalyzer]]

Latest revision as of 15:30, 10 February 2024

The Manage Users dialog is used to create and modify users and groups, and manage roles and permissions. Only users with ManageUsers permission can use the Manage Users dialog. This page contains information how to use the User Management dialog. For more information how permissions work in conceptual level, please read Roles and Permissions.

User can be active or inactive. Inactive users are not allowed to login and thus use their assigned permissions. Users can be inactivated both temporary or permanently to prevent them from login into the system. When using the built-in authentication, user not using the system anymore, need to be inactivated (as users cannot be deleted). When using the federated authentication, it's not necessary to inactivate users, because those users are anyways not able to login through the external authentication.

The dialog shows which users have a password defined. If user has a password, the user can authenticate via the built-in authentication method. If the SAML authentication is configured, users can also authenticate via it without a password in the QPR ProcessAnalyzer user management. If users are meant to authenticate only using the SAML, it's strongly recommended to remove the password from the user management to prevent the built-in authentication method.

All changes made in the Manage Users dialog are effective immediately. The bottom of the screen shows either Saving when saving is currently in progress and, Saved when saving changes is completed. Note that when making changes to your own roles or groups, in order for them to take effect, you should relogin to the system.

Effective permissions show the actual permissions that users have when using the system. The effective permissions are calculated from permissions that are in the groups of the user and also permissions that are assigned directly to the user.

Creating User

  1. In the Manage Users dialog, open the Users tab, and click Add user.
  2. Fill in Login name and optionally Full name and Email. Note that each user in the system must have a different login name.
  3. Click the Add user button.

Editing User Information

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the table and click the Edit button (or double-click the user in the table).
  3. Change the user information and click the Save button.

Setting User Password

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the left-side table and click Change password.
  3. Define a password for the user and confirm the password.
  4. Click the Change Password button.

Removing User Password

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user (or several users) from the left-side table and click Remove password.
  3. Click the Remove button in the confirmation dialog.

It's recommended to remove password from users that switch to use the SAML authentication, and thus don't need to authenticate using the built-in method.

Editing User Description

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the table and click Edit description.
  3. Change the user description and click the Save button.

Creating Groups

  1. In the Manage Users dialog, open the Groups tab, and click Add group.
  2. Fill in Group name and optionally Email. Note that each group in the system must have a different name.
  3. Click the Add group button.

Editing Group Information

  1. In the Manage Users dialog, open the Groups tab.
  2. Select a group from the table and click the Edit button (or double-click the group in the table).
  3. Change the group information and click the Save button.

Editing Group Description

  1. In the Manage Users dialog, open the Groups tab.
  2. Select a group from the table and click Edit description.
  3. Change the group description and click the Save button.

Adding Specific User to Groups

  1. In the Manage Users dialog, open the Users tab.
  2. Select a user from the left-side table.
  3. In the User belongs to groups table, click the Add to group button.
  4. Select a group and Membership type, and click the Save button.

Notes:

  • You can edit an existing memberships by selecting it from the table and clicking the Edit button.
  • You can delete an existing memberships by selecting it from the table and clicking the Delete button.
  • You can cancel the editing by clicking the 'Cancel button.
  • The Membership type is usually Member (other membership types are for legacy use cases).
  • Note that a user can be added to a group only once.

Adding Users to Specific Group

  1. In the Manage Users dialog, open the Groups tab.
  2. Select a group from the left-side table.
  3. In the Group contains users table, click the Add user to group button.
  4. Select a user and Membership type, and click the Save button.

See also notes in the Adding Specific User to Groups section.

Assigning Project-Level Roles to Users and Groups

  1. In the Manage Users dialog, open the Users tab (or Groups tab if assigning permissions to a group).
  2. Select a user/group from the left-side table.
  3. In the Project roles of user/group table, click the Assign role for project button.
  4. Select a project and Role, and click the Save button.

Notes:

  • You can edit an existing role assignment by selecting it from the table and clicking the Edit button.
  • You can delete an existing role assignment by selecting it from the table and clicking the Delete button.
  • You can cancel the role assignment editing by clicking the 'Cancel button.
  • User can have several roles for a project.

Assigning Global Roles to Users and Groups

  1. In the Manage Users dialog, open the Users tab (or Groups tab if assigning permissions to a group).
  2. Select a user/group from the left-side table.
  3. In the Global roles of user/group section, check/uncheck one of the global role checkboxes. Changes are saved.

Inactivating Users

  1. In the Manage Users dialog, open the Users tab.
  2. Select one or several users to be inactivated from the left-side table, and click the Inactivate users button.
  3. In the confirmation dialog, click the Inactivate button.

In QPR ProcessAnalyzer users cannot be removed (to preserve the audit data). Instead if user is not using the system anymore, the user account needs to be inactivated. Inactive users cannot login to the system.

Note that inactive users information cannot be changed - the user needs to be activated first.

Activating Users

  1. In the Manage Users dialog, open the Inactive users tab.
  2. Select one or several users to be activated from the table, and click the Activate users button.
  3. In the confirmation dialog, click the Activate button.

Checking User or Project Effective Permissions

  1. In the Manage Users dialog, open the Effective permissions tab.
  2. Select either a project from the Project list or a user from the User list.
  3. Table is showing the effective permissions for the selected project or user.

When showing effective permissions for a project, the effective permissions table shows all users that have any permissions to the project. The checkboxes are showing the individual permissions for each user. When showing effective permissions for a user, the effective permissions table shows all projects where the user has any permissions. The checkboxes are showing the individual permissions for each project.