Welcome to the first of three articles on authentication in Nudgis. Here we'll look at the interface for managing these elements, then at how to search the history of user actions and finally at how to filter users according to the permissions they have.
We recommend that you have familiarised yourself with how permissions work before looking at authentication in Nudgis, as certain cross-cutting concepts will be covered here.
Table of content
2A/ LOCAL GROUPS
To be able to act on the parameters described in this article, your user account must have the global permission "Can edit users".
To access the management interface, go to the administration page and, in the "Authentication" box, click on "Users and groups management".
Users management
This first tab contains a list of the platform's users and a search field in the top left-hand corner.Four buttons are available to the right of the search field, for adding users:
- Invite users by email : on this page you can invite users via email, and you can also pre-define a permission profile for these user accounts.
- Add a user: here you can manually create a user. Only the user name is required to validate the form.
- Add a user for a recorder: This page lets you create a user specifically for recorders, with pre-defined permissions for adding media. The main purpose of creating a user of this type is to retrieve its API key in order to configure Miris recorders for publication, for example.
The first field of the form is used to add your CSV file from your computer. In the next field, enter the list of columns in your file.
The next two fields are used to indicate the separator characters (the group separator is only taken into account if a group field is present in the list of fields).
The following option is ticked by default because the first line of a CSV file generally contains the names of the columns.
Mac and Linux devices are compatible with UTF-8 encoding. If you are using Windows, please select the "Windows cp1252" option.
Check the following option to allow the CSV import to modify users who have not been added by a previous CSV import.
If you activate "Remove missing users", users that have been added by a previous CSV import and are not present in the current import will be deleted.
The last option allows you to delete groups containing no users and which have been created by a previous CSV import.
To confirm, click on "Simulate import". You will be redirected to a page summarising the changes that will be applied:
Click "Apply all changes" to confirm.
Now back to the table listing the users. You will be able to perform three actions on users by selecting them using the ticks. The options are as follows: Enable, Disable, Delete.
The "Columns" drop-down menu is used to select the columns displayed in the table :
You can sort the users by clicking on the name of the column of your choice.
At the end of each line in the table, you'll find buttons with links:
The first button is used to access the user's permissions, while the next is used to edit the user's data (we'll look at the editing page in detail in the next paragraph). The clock button is used to view the history of the user's actions. We'll also look at this section in detail later in the article. Finally, the last link provides access to the user's personal channel. If the user does not have one, the button will be greyed out.
Let's now take a closer look at the user edit page (we won't go into detail about fields that are too explicit and have no functional use in Nudgis, such as names or job title) :
The first field is the username, which is the only mandatory field. It must be unique; it is not possible to create two users with the same username. Apart from being mandatory, the next field, for the email address, follows the same rule of uniqueness. The next field worth mentioning is the API key: this allows the user to use the Nudgis API and, by extension, the scripts maintained by UbiCast (if they have the corresponding permissions).
Check the following option if you wish to make this account a shared account. Users using a shared account cannot change the account settings, but can, for example, answer a questionnaire or poll more than once.
If you wish to deactivate an account without deleting it (for reasons of traceability, for example) you can do so by unchecking the Active option.
To give you some control over the use of storage on your platform, you can apply a storage quota to the user. This quota, defined in Gigabytes, will apply to media contained in the user's personal channel, as well as to media on the rest of the site for which the user is defined as a speaker.
The next few settings concern emails. You can define the language of the emails that will be sent to the user from among the following languages: French, English, German, Spanish, Dutch and Finnish.
The following options allow you to define whether the user should be notified by email in the following cases :
- Subscription : The user will be notified by email when someone creates an account via the standalone registration page.
- Support end : The user will be informed when the platform support contract expires.
- Maximum viewers : Sends a warning email when the threshold of simultaneous viewers has been reached on the platform.
- Receive available storage emails : Notifies users by email when their storage quota has been reached.
- Annotations if speaker : Notifies the user if annotations are added to media for which they are defined as a contributor.
Finally, you can add the user to groups, using the search field to find existing groups. Click on the action button to add the user to the group :
The groups of which the user is a member will be displayed above the search field. Click on the action button to remove the user from the group :
Finally, the last field, which is read-only, shows the authentication groups to which the user belongs :
Groups management
Local groups
Let's return to the user and group management page. The next tab is for managing local groups.
Local groups are groups that have been created manually, or added automatically by CSV import or LDAP synchronisation (see article on authentication services). They are presented in table form and a field is available for searching for groups by name.
Each row shows a summary of the group's global permissions, a link to the permission and editing pages, as well as the number of users who are members of the group. The 'Reference' column is used in particular by LDAP to store the DNs of imported groups.
Clicking on the button in the "Number of users" column opens a pop-up displaying the list of members :
In the box at the top you can add users to the group using their email addresses (one per line). If an address does not correspond to an existing account, one will be created immediately.
Now let's look at the action buttons at the end of each line of the user list.
The first takes you to the user's permissions page, the second to the user's edit page.
The third button promotes the user to group administrator status. Group administrators can add users to their groups and, if the configuration allows, create them if they don't already exist.
Finally, the last button is used to remove the user from the group.
Authentication groups
Authentication groups are created and populated automatically, so they cannot be edited. Their main purpose is to apply specific permissions depending on the authentication mode used.
User action logs
Operations such as editing videos, channels and settings, deleting media and users can be found on this page.
Here you can search for log entries by user (by ID, username or email address) or by IP address. You can also select a search period.
If you're looking to see the actions taken on a particular item but don't have information about the users who took them, you can use the "Message contains" field to enter, for example, the item oid.
If the information you are looking for is not found in the last 50 lines of logs, a 'See complete results' button is available.
Permission user list
To do this, select a permission from the drop-down menu and click on "Get user list".
Now that you're familiar with managing users and groups, it's time to learn more about authentication settings to fine-tune your Nudgis platform.
Comments
0 comments
Please sign in to leave a comment.