This is an old revision of the document!
This is where NAV administrator can control NAV user accounts, group memberships and access privileges.
The main view of the user administration panel shows the account list. Each user has a login (username) and a real name. If the source of the user is based on LDAP, the external column will indicate this. The final column listes the number of groups the user belongs to.
A fresh NAV installation will only have one account; admin with membership to the NAV administrator group. User admin has password set to admin. This should be changed at your first login.
Note: The procedure is the same for editing the values of an existing account, the same buttons to tweek.
The new user must be given a unique login and password that confirms. Next you may:
Note: A new user will be given implicit membership to the groups “authenticated users” and “anonymous users”. If you do not tweak on group membership, that will be his/hers set of rights. This also goes for users created with LDAP.
NAV comes with the following predefined groups:
Group | Description | Comment |
---|---|---|
Anonymous users | Unauthenticated users (not logged in) | Everyone are implicit members |
Authenticated users | Any authenticated user (logged in) | New users are implicit members |
NAV Administrators | Full access to everything | |
SMS | Allowed to receive SMS alerts |
In both cases you proceed to the “Group Details” tab
Use this to create new groups or edit existing. Each group must have
The actual definition of the group is shown in the Privileges section
The privileges system of NAV is built generally so that we in the future can expand to new privilege types. Currently only two privileges are supported and the second one has a very specific scope:
Privilege | Explanation |
---|---|
web_access | Controls what part of the web system a user has access to. Based on regular expression matching against actual NAV URLs. |
alert_by | Takes only one valid target: 'sms'. A user is not allowed to receive sms messages from NAV unless he has the “alert_by for sms” on his privilege list. |
To see examples of how you can use the web_access privilege, take a look at the definitions of the predefined group “Authenticated users”. A HOWTO on regexp is also provided as a link under “Grant privileges”