In its default configuration, ExSite uses a simple scheme for tracking and administering system users. There are many ways to reconfigure the user management logic, using everything from simple configuration parameters, to built-in hooks for implementing site-specific user management code. Advanced options are mentioned only briefly in footnotes; this document details only the default user management tools, to assist new ExSite users in managing their site(s).
By default, ExSite recognizes 5 types of site user, which are given access levels of 0 to 4:
0. public - these are site visitors who have not logged in, or have failed to log in correctly, or have had their privileges revoked.
1. normal user - these are site users who are able to log in to gain access to members-only features of the site, but are not granted any special administrator privileges. Typically, normal users interact with the site only through the site's regular pages.
2. site manager - these are users who normally interact with the site's regular pages, but are able to access basic site administration and content management tools on the site's back-end. Typically, site managers are sources of content; for instance, they update web pages, add news articles, update the event calendar, etc. Site managers have administrator access to content and data that belongs to their site only.
3. system administrator - these are users who have full access to all back-end administration functions, and all data in the database. They can access content and data for all sites in the system.
4. unrestricted - this is the same as level 3/administrator, except that certain security and data integrity checks are disabled. You normally do not want to do this, as it gives you lots of opportunities to shoot yourself in the foot, and the extra power it affords is rarely useful.
Note: you can configure ExSite to use more (or fewer) access levels than this. The root level defines the maximum access level the system will recognize, and one less than this is the administrator access level. The remaining access levels will be interpreted according to the permissions levels laid out in your database schema (DBmap), and in any special authorization code you have installed.
To view all your site users, with options to add, edit, or delete them, visit the Members tool from the administrator web-top, which is represented using this icon:
The Members tool just uses the WebDB toolkit to provide a simple database interface to the member table. That means you can also access the member management functions by visiting the Database Manager tool, and selecting the icon beside the Members table, and then proceeding using the same instructions. This is useful to know if you do not have the Members tool installed on your site.
Each user is represented by a record in the member table.
To create a new user, simply add a new record to this table:
Visit the Members tool from the administrator web-top, and click on the icon.
The default member record is very simple; you only need to provide a login name, password, full name, email address, and access level (see above).
Note: the default member tools can be extended to include more member details, simply by adding fields to the member table. Details on how to accomplish this are beyond the scope of this document. The minimum requirements for a member table are that it contain fields to store login name, password, and access level. Even these requirements may be ignored if user authentication is not done by means of the ExSite member table (e.g. if you use an external user authentication system such as LDAP).
You can use the same tools to modify user records, so as to:
To modify a member's record, visit the Members tool from the administrator web-top, and click on the icon beside the member you want to edit.
To view/edit your own personal details, you can also visit the My Profile tool, if it is installed on your site.
To permanently delete a user, select the icon beside that user in the Members tool.
To disable a user without deleting their record, edit their record (as above), and set their access level to 0. This removes their site privileges, without removing their information from the database. To restore their privileges, simply edit their record and reset their access level to whatever is appropriate.
An administrator ticket is used to grant a user access to a particular website in the Website Editor. There are three important fields in an administrator ticket:
Without an administrator ticket, a user will not be given links to any websites in the Website Editor. However, the user may still have access to the administrator web-top, and will be able to access other administrator functions connected with the site (such as creating new users).
Administrator tickets are normally only useful to users of level 2 or higher, since level 1 users do not normally get access to the back-end tools where administrator tickets are used. By default, administrator tickets can only be created, modified, and deleted by level 3 administrators.
Visit the Members tool from the administrator web-top, and click on the icon beside the member to whom access is being granted. This displays the member record, and then further down the page, shows a summary report of all Administrator Tickets for that member. Click on the icon under the Administrator Tickets summary report to add a new ticket.
Visit the Members tool from the administrator web-top, and click on the icon beside the member you want to modify. Scroll down to the summary report of administrator tickets. Click on the icon beside the ticket you want to modify. Edit the ticket values on the resulting form, and hit "Submit" to save them.
Visit the Members tool from the administrator web-top, and click on the icon beside the member you want to modify. Scroll down to the summary report of administrator tickets. Click on the icon beside the ticket you want to delete. You will be prompted to confirm the deletion.
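The access-level and administrator-ticket rules described above can be checked periodically against an export of the member and ticket tables. The following is an added example, not ExSite code: the key names (login, access, member, site) and the sample records are hypothetical, and it assumes tickets stay on file when a member's access level is set to 0.

```python
# Added example. Key names ("login", "access", "member", "site") are
# hypothetical; map them to the columns of your own export.
from collections import defaultdict

def audit_members(members, tickets, root_level=4, manager_level=2):
    """Return sorted (login, finding) pairs for accounts worth reviewing."""
    admin_level = root_level - 1           # one below root is administrator
    sites = defaultdict(list)              # login -> sites granted by ticket
    for t in tickets:
        sites[t["member"]].append(t["site"])
    findings, known = [], set()
    for m in members:
        login, level = m["login"], m["access"]
        known.add(login)
        held = sorted(sites.get(login, []))
        if not 0 <= level <= root_level:
            note = f"access level {level} is outside 0..{root_level}"
        elif level == root_level:
            note = "unrestricted: security and integrity checks disabled"
        elif level == admin_level:
            note = "administrator: all sites, can manage tickets"
        elif level == 0 and held:
            note = f"disabled, but tickets remain on file: {held}"
        elif level < manager_level and held:
            note = f"tickets have no effect below level {manager_level}: {held}"
        elif level >= manager_level and not held:
            note = "web-top access with no administrator ticket"
        else:
            continue
        findings.append((login, note))
    # Tickets whose member no longer exists in the member table.
    findings += [(who, "ticket for unknown member")
                 for who in sites if who not in known]
    return sorted(findings)

# Constructed sample data, not taken from any real site.
MEMBERS = [{"login": "root", "access": 4}, {"login": "alice", "access": 3},
           {"login": "bob", "access": 2}, {"login": "carol", "access": 2},
           {"login": "dave", "access": 1}, {"login": "erin", "access": 0},
           {"login": "frank", "access": 1}]
TICKETS = [{"member": "bob", "site": "main"}, {"member": "dave", "site": "main"},
           {"member": "erin", "site": "main"}, {"member": "erin", "site": "shop"},
           {"member": "ghost", "site": "shop"}]

if __name__ == "__main__":
    for login, note in audit_members(MEMBERS, TICKETS):
        print(f"{login:6} {note}")
```

If the root level has been reconfigured, pass it as root_level so that the administrator level is derived as one less than it.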