User Management

Owned by Nadica Gaber (Unlicensed)
Last updated: Jun 15, 2016 by Wouter Born (Deactivated)
3 min read

Introduction

From 'User' option in the menu, the user with Security Admin permissions, can choose to manage Users or User Groups.

CXO Reporting Suite allows the admins to set Permissions, Point of View Security Filters or Report Permissions at a User level or a Group of users.

Permissions inheritance

Each user or user group can be member of one or more user groups. This can be set through the Main Tab inside Create New User / New User Group or Edit User / Edit User Group popup.

  • When a user or user group is member of a user group, he will inherit all permissions from it (i.e. PermissionsPoint of View Security Filters or Report Permissions).
  • When a user or user group is member of more user group, he will get the sum of all permissions from all the user groups he is member of.
  • In addition to the permissions inherited from the user group a user or user group is member of, additional permissions can be set for the specific user / user group. 
  • The inheritance hierarchy can be an deep as needed, i.e. it is possible to create basic user groups with permissions to be applied to most users (e.g. 'basic group') and then have additional user groups with more advanced permissions (e.g. 'group 1') who are member of the 'basic group', and then more complex user groups (e.g. 'group 2') who are member of 'group 1' and so on. Users member of 'group 2' will inherit permission both set for 'basic group' and for 'group 1'.

Permissions inheritance allows to optimize the maintenance of users and user groups..

Inherited permissions can't be removed. When creating or editing a user or user group, inherited permissions will appear in the popup as selected and disabled, while permission set for the single user or user group will appear selected but enabled.
Unselecting the  option 'Show inherited permissions, only permissions set for the specific user or user group will appear.

Duplicated Permission

When a permission is both inherited and set for the current user or user group a symbol  will appear close to the permission. It is suggested to remove duplicated permission to avoid potential problems.
e.g.

  • A user is given 'Report Admin' permission
  • In a second time, when more admin are needed, a user group 'Report Admin' is created (with 'Report Admin' permission) and the user is set as member of the group
  • After a period for any reason, the admin wants to take out the 'Report Admin' permission from the user. He will remove the user from the 'Report Admin' group and think this is enough, while as the user had the 'Report Admin' permission set previously on himself, even if he is no more member of 'Report Admin' user group, he will still maintain the capabilities associated to 'Report Admin' permission.

 

To remove duplicated permissions:

  1. Unselect 'Show inherited permissions' flag to view permission set for the current user or user group
  2. Unselect the duplicated permission 
  3. Select again  'Show inherited permissions' flag, the duplicated symbol will not appear any more
  4. Save