Panel Name fwAccessControl/fwAccessControl_EditUser.pnl
Introduction

Edit User panel

This panel is used to display and edit the details of the user, and to create new users.

The panel has four modes of operation, determined by the access rights and the dollar parameter $mode (see below):
Edit mode
presented in Figure 1, allow to edit the details of the user. This mode is active if the user has the User Administration access rights, the mode of the panel specified by $mode is not "RO", and non-empty name of the group was passed as the $groupName parameter.
Figure 1: Edit User panel in the "edit" mode
In the edit mode, the Edit..., Review, Show Current Access Rights, Reset ,OK and Closebuttons are available.
Edit own data mode
presented in Figure 2, allows to modify the full name and description of the own account. This mode is active if a user (not having the User Administration access rights) opens the User Edit panel for his own account.
Figure 2: Edit User panel in the "edit own data" mode
This mode is similar to the Edit mode. However, only the Full name, and Description are editable.
View mode
presented in Figure 3, only displays the details of the user and does not allow for changes. This mode is active if the user has no User Administration access rights and displays the details of other user, or the read-only mode of the panel was requested by setting the $mode to "RO".
Figure 3: Edit User panel in the "view" mode
In the view mode, only Show Current Access Rights and Closebuttons are available.
Create mode
presented in Figure 4, is used to create a new user. This mode is active if the $userName parameter passed to the panel contained an empty string.
Figure 4: Edit User panel in the "create" mode
In the create mode, Edit..., Reset, Create and Closebuttons are available.

The panel comprises the following elements:

  • User name text line defines the user name, which identifies the user in a unique way. This name is used during the login process and needs to be typed into the Login panel.
    Note that the Name_User restriction apply (see the Restrictions below) for user names.
  • User full name text line defines the full name of the user; it is free of restrictions concerning the characters used within (i.e. it may contain spaces).
    Note that the full name is displayed in the User List panel, and the filter therein applies to the user name and the user full name. It is recommended (yet not required) to define non-empty and unique user full name.
  • Description text line contains any additional information - it's meaning is not defined; it may be left empty.
  • Password text line is used to change user's password (if access rights are sufficient). No text is displayed in this field by default. If a new password is typed in, each letter that is typed is printed as "*" (asterisk) character. Note that specifying an empty line in the edit mode signifies leaving the password as it is, and not specifying the empty password (see also restriction NoEmptyPasswords in the Restrictions section below.
  • id text line (not editable) displays the internal unique identifier of the user. It is assigned automatically and may not be modified. This field is empty in the create mode of the panel. This idenifier may be of use for the experts and for debugging purposes.
  • Group membership table: displays the list of groups to which the user belongs.
  • Edit... button: allows to modify (add/remove) the groups to which the user belongs. It brings up the Edit User's Group Membership panel; for details refer to the documentation of that panel.
  • Review button: allows to display the changes in user's group membership. It brings up the Review Changes panel displaying the changes in group membership
  • Reset button: undoes the changes done in the panel, i.e. in the edit mode resets the contents of all editable fields so that they represent the current settings, while in the create mode it clears alld fields and granted access rights. Pressing this button does not apply any settings; it does not close the panel either.
  • Show Current Access Rights button: allows to display the list of access rights granted currently to the user. It brings up the User's Access Rights List panel,
    Note that the list will not take into account the changes in group membership.
  • OK (in edit mode) or Create (in create mode): applies the changes, i.e. modifies or creates the user, and closes the panel.
  • Close button: closes the panel without applying the changes.


Instructions
To create a user:
Open the panel in the create mode (e.g. click the Add in the User List panel, which may be opened using the Administration>Users context menu of the Toolbar panel).
Fill-in at least the user name then press the Create button.
To rename a group:
Make sure the panel is open in the edit mode, for the group you wish to rename; type in the modified name into the Group name text field, then press the OK button to apply the changes. You may want to alter other settings of the group at the same time, before pressing OK.
To change the full name or description:
Make sure the panel is open in the edit mode; type in the new full name or description in the appropriate fields, then press the OK button to apply the changes. You may want to alter other settings of the group at the same time, before pressing OK.
To change the access rights granted to the group:
Click on the Edit... button; this will bring up the Edit Group's Access Rights panel, where you will be able to grant and revoke the access rights; follow the documentation for that panel.
To review the changes in the access rights:
Click on the Review button; this will bring up the Review Changes panel with lists of access rights that are going to be revoked and granted to the group.
To display the list of users belonging to the group:
Click on the Show Users button; this will bring up the Group Members List panel.
To reset the changes:
Click on the Reset button; this will fill-in the panel with actual settings for the group (in the edit mode) or clear all the fields (in the create mode).
To delete a user:
You need to use the Delete button in the User List panel; it is available, for instance, from the Administration>Users context menu of the Toolbar panel.
To cancel the changes or cancel user creation:
Press the Close button
To apply the changes made to user:
Press the OK button; this will bring up the Confirm User Change panel, asking you for the confirmation of the changes. You will be able to review all the changes, then decide to ultimately accept or reject them.
To change the password:
Use the Change Password option from the context menu of the Toolbar panel.
To change other user's password, you need to open the panel in the edit mode, then type in the new password in the Password text field. Note that it is not possible to set an empty password this way.
Restrictions
  • Access_User: To edit an existing user, or create a new user one needs the User Administration (or System Administration) access rights (see also the Setup Panel ). All users are allowed to change the description and the full name of their own account.
  • Name_User: User name must not contain the space ( ), colon (:), semicolon (;), pipe (|), backslash (\), asterisk (*), apostrophe (') and double-quotes (") characters. User full name and description are, however, free of limitations.
    The user name needs to be unique.
  • Due to security reasons it is not possible to set empty password on the existing account. If you need to reset the password to an empty one, please contact Access Control expert.
    It is, however, possible to create new accounts with empty password. The user will be asked to change the password upon the first login.
  • When the panel is opened as a result of request for group details issued in another panel (such as Access right holders list ), a dedicated "User Details" module is opened. This module will be reused to display details of other users (i.e. no new windows will be opened for every new inspected user)

Dollar Parameters
Name Description  
$userName Specifies the name of the user to edit. Passing an empty string ("") will open the panel in the create mode. required
$mode If set to "RO", the panel will be opened in the view mode. optional

Return Values from panel
The panel should be opened using functions from the ChildPanel...Returns(... , df,ds) family.
When the panel is closed the following values may be returned in the df and ds parameters:
Variable Value(s) Description
dyn_float parameter (df[])
df[1] 1 Edit action terminated succesfully, OK button pressed
df[1] 0 Edit action cancelled, Close button pressed
dyn_string parameter (ds[])
ds[] not used: empty variable is always returned.

Back to the documentation of the fwAccessControl component.

Piotr Golonka, CERN IT/CO-BE