User Management
User management, in OSU Drupal 6, relates to a few different things, including but not limited to:
- How users are added to a site
- How roles and permissions are assigned
- How to create custom roles and permissions sets
- How to use Drupal's built in user profile
In OSU Drupal 6, the only person who can manage users is the site's administrator. All users can manage their own Drupal user profiles, though, if they wish to.
Add a User
Adding a user is a relatively simple task, but due to the fact that roles must be assigned to users, and due to the fact that different roles may have different permissions that can severely affect an entire site, only site administrators may add users.
To add a user to a site, just do the following:
Go to Admin menu > User management > Users > Add user.
Enter the user's ONID or DINO username. Please note, the ONID/DINO username must be used and should not be changed. If it is, the user will no longer be recognized by the site as being a valid user.
Enter a valid E-mail address - this can be any e-mail address but we recommend using this person's work e-mail.
Select the Role that you want this user to seve on your site. Since these roles are progressive, only one role needs to be checked at a time for any given user.
Click the Create new account button.
And that's all there is to it!
Once the user has been added to the site s/he will appear on the User list, located at Admin menu > User management > Users.
Roles
A website at a university can be a rather large project. Often times more than one person will be working on the site at any given time.
There may be a need to have different people involved with the site who serve different functions. Some people are strictly interested in contributing content, while other people serve more of an architectural or administrative capacity. These different types of people fill different Roles within the site.
All Drupal 6 sites have two basic roles that can not be removed:
- anonymous
- This is the general public. They either do not have an account on the site or they are not logged in to the site
- authenticated user
- This is a person who has an account on the site and is logged in to that account
Additionally, all OSU Drupal 6 sites come with three default roles:
- author
- This role is for people who just want to enter content
- advanced author
- This role is for someone who needs to work in an architectural or programmatic capacity - i.e. a "site builder". This person can do everything that an author can do, but they can also work with structural elements such as CCK and Views.
- administrator
- This role is for people who either have full responsibility for the development of a site or for people who want to control who works on the site. This person can do everything that the other two roles can do, but can also affect many global elements on the site such as the site name, theme configurations, and addition of users.
Sometimes, though, a site might require a different kind of role, though, that can peform a different combination of functions. A site's administrator can actually create custom roles and permission sets, as needed, to get the job done.
Assign a Role
Roles can be assigned through the Add user panel, as described in the Add user section of this manual. They can also be assigned and changed through the User list.
To manage the roles of users who have already been added to the site, do the following:
Go to Admin menu > User management > Users.
Locate the user you wish to assign a role to and check the box next to the user's name.
Click in the Update options select list and choose the role withn the Add a role to the selected users category in the list.
Click the Update button.
If your user already had an existing role, you might see now that s/he has two roles on the site. In OSU Drupal 6, the permissions in the roles are progressive. In other words, an advanced author can do everything an author can, plus additional permissions, and an administrator can do everything an advanced author can, plus additional permissions. So, really, only one role is needed per user.
So let's remove one of the roles:
Check the box next to the user's name that you wish to remove a role from.
Click in the Update options select list and choose the role withn the Remove a role to the selected users category in the list.
Click the Update button.
The user's role has been updated.
Custom Roles
Custom roles are sometimes desired by site administrators for a variety of reasons. A good example would be a research site. The Principal Investigator of the site may want a role with a title like "research assistant".
This makes perfect sense.
So how do we make the custom role?
It's really pretty simple. Just do the following:
- Go to Admin menu > User management > Roles
- In the blank field, enter the name of the role that you want
- Click the Add role button
And that's really all there is to creating the actual custom role. To make the role really work, though, we need to finish out the process by giving the new role a set of permissions.
Permissions
Permissions are a set of activities that a user is allowed to perform on a website.
If you think about it, you probably deal with this all the time.
The best example is probably your ONID account. You are allowed to log in to your ONID account, and you can view and change quite a few different things related to your account because you are permitted to do these things on your account. You are not generally permitted to go onto your colleague's account and make changes, though. In most cases, you and your colleagues might have some time of role called Member or User.
Sometimes, though, things go wrong with our accounts and we need someone who is permitted to work across the whole system to come in and fix it for us. This type of user might be called something like Administrator. It's this person's responsibility to fix things and provide support service to the users of the system. They are permitted to go into individual accounts on an as-needed basis to provide the service that regular users need.
Our OSU Drupal installation has five default roles, which are explained in the Roles section of this manual. Each one of these roles has a different set of permissions.
For example, an author is permitted to create and edit content, create and edit menus, upload media, etc.
An author can't use PHP code, though. This is a special type of code that can actually destroy your Drupal site if it's in the wrong hands. The only roles that are allowed to use PHP code are advanced authors and administrators.
An administrator on an OSU Drupal site is actually capable of changing permission sets, and even creating new ones for custom roles that are added to the site. Read on to find out more about creating custom permission sets.
Create a Custom Permission Set
Custom permission sets can be easily made. Typically a custom permission set is going to go with a custom Role, in fact, once you create a custom role, you're given a link that goes directly to the permission set for that role.
So, to keep it simple, you'll want to be at Admin menu > User management > Roles. From the Roles panel, do the following:
Click on the edit permissions link respective to the role you're interested in adding a custom permission set to
Select the permissions you wish to grant to this role. Remember, this is up to you as the administrator. Pay special attention to notes next to the permissions that say things such as "give to a trusted role only" - typically this means that this permission can cause problems on your site if used by someone maliciously, or even accidentally. There are many, many permissions to go through, consider them carefully, but remember that you can always return and change them as needed.
Once all of the permissions have been checked, scroll down to the very bottom of the panel and click the Save permissions button.
Your custom role and permission set are now complete!
Now you just have to assign the role to a person on your site...