Managing Users and Roles in Redwood Server
Users and roles are defined in external authentication systems, however, you can manage certain Redwood Server-specific aspects of these in Redwood Server. The user or the role must to appear in Redwood Server.
Users
You can disable and enable login for users, this only affects Redwood Server and has no incidence on external authentication or authorization systems. When you disable a user, any objects owned by that user should be duplicated and deleted. Special care needs to be taken when you disable users that own processes and/or process and/or chain definitions. You use the System_ChangeOwner process definition to change owners of processes and process or chain definitions.
Roles
Only custom roles, or roles that were not built-in, can be edited. You can create roles, however, the role names should not match role names that exist in the external authentication system. If you create a role in Redwood Server with a name that matches a role in your external authentication system, the role will not be imported from the external authentication system, however, grants will be done. This allows you to grant permissions to roles that have not yet been imported - so you do not need to log in with users having these roles to grant privileges.
Context-Menu
Users support the following context-menu actions:
| Action | Description |
|---|---|
| Activate login for user | Enable login for a disabled user |
| Deactivate login for user | Disable login for an enabled user |
| Disable the user permanently | Prevent the user from logging in again |
| Edit | Edit the user's privileges |
| Show permalinks | Show links that can be used from third party applications to link to the object |
| Expand All | Expand all users in the current filter |
Roles support the following actions:
| Action | Description |
|---|---|
| Duplicate | Duplicate a role |
| Edit | Edit a role's description and its privilege grants |
| Export with Privileges | Export a role with all its privileges |
| Promote | Promote the role to a remote system |
| Delete | Delete the role |
| Show permalinks | Show links that can be used from third party applications to link to the object |
| New role | Create a new role |