Users in the FEWS NET Data Platform are defined as the primary principals for which access to the system is granted. A user in the system represents a person or an external system that needs to have access to data in the system. A user group in the system is a collection of one or more users that have a common need to access a certain type of data available in the system.
A permission is defined as a right to perform a certain operation against a record of data in the system. For example, a permission may give a user the right to add new data into a data source document table, while a separate permission may give the user the right to delete a single row of data from a data source document table.
The majority of User user and user groupsgroup administration tasks can be performed in the following Administration sub-pages, accessible in the System administration drop-down menu:by going to System Administration > Authentication and Authorization.
...
Groups
The Groups’ administration Groups page allows system administrators to create a new group, add additional members, and assign unique permissions to the group.
...
It is also possible to edit an existing group attribute such as its name, its permissions and members from this page. Deleting a group is also performed from this page.
Permissions
The Permissions page enables administrators to manage the low level permissions in the system that can be granted to users or groups of users. From this page, system administrators can perform the following actions:
Add new permission: Add a new permission in the system by specifying a name, the relevant table, and its code name. Typically, each permission stands for one of the four basic operations in a database system: adding a new record, viewing an existing record, updating a record, and deleting an existing record.
Edit a permission record
Delete a permission record
Users
The Users page allows administrators to manage individual users in the FEWS NET Data Platform system. The actions that can be performed from this page are:
Add new users: Introduce a new user into the system by providing the basic user information of username, password, and an email address.
Edit users: Modify existing users’ details in the system, including adding first name and last name.
Delete users: Delete one or more users from the system.
Change user status: Designate a user account as Active or Inactive. Inactive accounts are not able to log into the system.
Assign superuser status: Superuser accounts have unlimited access to the system without belonging to any permissions groups.
Manage users groups: Manage the groups that an individual user is part of.
Add/Edit permissions: Add permissions at the user level.
Note:This is not an efficient way of managing permissions and should be used sparingly and only under rare circumstances.Search users: Search users using a free text search criteria.
Filter users: Filter users by staff status, superuser status, active or inactive, and groups.
Reset password: Reset user passwords.
Permissions
...
.
...
Add new permission: Add a new permission in the system by specifying a name, the relevant table, and its code name. Typically, each permission stands for one of the four basic operations in a database system: adding a new record, viewing an existing record, updating a record, and deleting an existing record.
Edit a permission record
Delete a permission record