Administrative User Management

Introduction

Administrators have full control over user accounts within the system. This includes creating new users, editing existing accounts, resetting passwords, and managing user roles and permissions.

Accessing User Management

1. Log In as Administrator

   • Use your administrator credentials to access the system.

2. Navigate to User Management

   • Click on the "Users" or "User Management" tab, typically found in the main menu or settings area.

Creating a New User

1. Click on "Add User"

   • Locate and click the "Add User" button.

2. Enter User Details

   • Username: Input a unique username for the new user.
   • Email Address: Provide the user's email address (optional but recommended).
   • Password: Set an initial password or allow the system to generate one.
   • Role/Permissions:
     • Assign a role such as User, Editor, Manager, or Admin.
     • Customize permissions if the system allows granular control.

3. Configure Additional Settings (Optional)

   • Force Password Change: Require the user to change their password upon first login.
   • Account Activation: Decide whether the account is active immediately or requires verification.

4. Save the User

   • Click "Create", "Save", or "Add User" to finalize the process.

5. Notify the User

   • Send the new user their login credentials securely, preferably through an encrypted method or in person.

Editing an Existing User

1. Select the User

   • From the user list, click on the username of the account you wish to edit.

2. Modify User Details

   • Update fields such as username, email, role, or permissions.
   • Reset the password if necessary.

3. Save Changes

   • Click "Update" or "Save Changes" to apply the modifications.

Disabling or Deleting a User

1. Select the User

   • Find the user in the list and click on their profile.

2. Choose an Action

   • Disable Account:
     • Temporarily prevent the user from logging in.
     • Useful for suspending access without deleting data.
   • Delete Account:
     • Permanently remove the user from the system.
     • Optionally, delete or reassign any nodes or data associated with the user.

3. Confirm the Action

   • A confirmation prompt will appear.
   • Review the details and click "Confirm" or "Delete".

Using Administrative Tokens (API Actions)

• When performing administrative actions through the API, include the administrative token in your requests for authentication.

• Example of adding a user via API:

mutation {
  createUser(username: "newuser", password: "password123", isAdmin: false) {
    id
    username
  }
}

Security Best Practices

• Regular Audits

  • Periodically review user accounts and permissions to ensure they are up-to-date.

• Strong Password Policies

  • Enforce password complexity and expiration policies to enhance security.

• Limit Administrative Access

  • Only grant administrative privileges to trusted individuals who require them.

Troubleshooting

• Unable to Create or Edit Users

  • Ensure you are logged in as an administrator.
  • Check for error messages indicating permission issues or system errors.

• User Not Receiving Notifications

  • Verify the user's email address.
  • Ensure the system's email configuration is set up correctly.