wiki:UsersAndGroups

Managing Users and Groups

When you are logged in as an administrator in Officeshots, the menu at the bottom will have several extra items. The Users and Groups items allow you to manage users, groups and access control to Officeshots.

Managing users

Going to the Users page will show a list of all registered users, their e-mail addresses and what groups they are a member of. Administrators cannot add new users. They need to register themselves so they can activate their account. Clicking on a username allows you to view the details of a user. When you edit a user you can change his name, e-mail address and password. You can also manage which groups the user is a member of. Make sure that a user is always part of the All Users group. That group contains the permissions they need to use Officeshots.

Managing groups

Follow the Groups admin shortcut to see an overview of all user groups. From here you can add new groups or modify existing groups.

Request Limit
The maximum number of documents that a member can upload per day. This only applies to documents submitted through the front page. It does not apply to documents uploaded by any factories that the user is running.
Default Memberlist
You can use this option to automatically add certain users to this user group. Set it to the full path to a textfile somewhere on your server. The text file should contain a list of e-mail addresses, one per line. All users whose e-mail address is listed in this file will be added to this user group automatically. When a new user registers and his e-mail address appears on this list, he will also be automatically added to this user group.

When you set a default memberlist on a user group

You can also opt to add all existing users to a user group. Unchecking this option does not remove any users. When this option is checked, all newly registered users will also be added to this group.

Access control

When you view the detail page for a group you can see the associated premissions and a list of members. Permissions are in the form of <controller>:<action>, where the controller part matches one of the controllers in the www/app/controllers/ directory and the action part matches one of the controller functions. * is allowed as a wildcard.

These permissions only apply to authenticated users that are a member of the group. The permissions for unauthenticated users are hard-coded in the application source code. You should not have to change the permissions for any of the existing user groups.

The permissions for a user are based on his group membership. If any group grants the user permission to a certain part of Officeshots then he will be granted access. You cannot use the permission system to deny access to parts of the website.

Last modified 9 years ago Last modified on 05/25/10 14:19:00