Verify the privileges a user has with the Overview and impersonation features
Overview: verify the privileges users have
Question: Why does this user see a feature he/she is not supposed to see?
Answer: The user might have more privileges activated than necessary. To enable/disable user privileges, you need to verify the Roles property.
With Overview, you can see at a glance a user's Privileges and many other user properties.
1. Log in to your application as an Administrator
2. Right-click on the user and select Overview
3. Check the user Roles
In the same window, under 3. Privileges, you can see all the privileges contained in the role of the user _Operator.
Now you know which role you have to modify to adapt this user to your needs.
Roles: enabling/disabling privileges for users
Question: How can I enable/disable privileges for a user?
Answer: Change the user Roles by assigning/removing properties.
1. Go to Admin > Roles.
2. Click on the Role you want to change.
(Recommendation: In case you want to revert changes, create a Copy of the current role and modify this one instead.)
3. Select which users will have this Role.
4. Enable/disable the necessary privileges for this particular role.
5. Click on Save.
Note:
- If you change the role, it will affect ALL the users in the same role.
- Read more about privileges and features to understand what each privilege means.
- Users can belong to multiple roles. The roles could have overlapping privileges. Make sure your users belong to the proper roles.
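The notes above can be checked offline before a role is edited. The following is an added example, not code from the product: it answers "which role gives this user the privilege?" and "who is affected if I remove it from that role?". The data layout, the user names, the privilege names and every role except _Operator are constructed assumptions.

```python
# Constructed sample data (hypothetical): role -> privileges, user -> roles.
# Only the role name "_Operator" comes from the page.
ROLE_PRIVILEGES = {
    "_Operator": {"view_dashboard", "edit_schedule"},
    "Reporting": {"view_dashboard", "export_reports"},
    "Maintenance": {"edit_schedule", "manage_devices"},
}
USER_ROLES = {
    "alice": {"_Operator", "Reporting"},
    "bob": {"_Operator"},
    "carol": {"Reporting", "Maintenance"},
}


def effective_privileges(user, user_roles=USER_ROLES, role_privs=ROLE_PRIVILEGES):
    """Union of the privileges of every role the user belongs to."""
    privs = set()
    for role in user_roles.get(user, ()):
        privs |= role_privs.get(role, set())
    return privs


def granting_roles(user, privilege, user_roles=USER_ROLES, role_privs=ROLE_PRIVILEGES):
    """Sorted list of the user's roles that contain the privilege."""
    return sorted(r for r in user_roles.get(user, ())
                  if privilege in role_privs.get(r, set()))


def impact_of_removal(role, privilege, user_roles=USER_ROLES, role_privs=ROLE_PRIVILEGES):
    """Map each member of `role` to the other roles that would still grant
    `privilege` after it is removed from `role`. An empty list means the
    user really loses the privilege; a non-empty list means an overlapping
    role keeps it active for that user."""
    if privilege not in role_privs.get(role, set()):
        return {}  # the role never granted it, so removal changes nothing
    impact = {}
    for user, roles in sorted(user_roles.items()):
        if role in roles:
            impact[user] = [r for r in granting_roles(user, privilege,
                                                      user_roles, role_privs)
                            if r != role]
    return impact


if __name__ == "__main__":
    print(granting_roles("alice", "view_dashboard"))
    print(impact_of_removal("_Operator", "view_dashboard"))
```

In this sample, removing view_dashboard from _Operator takes it away from bob, while alice still has it through the overlapping Reporting role.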
Impersonating users: test your user roles and the privileges assigned to them
Question: How can I verify if my privileges are working?
Answer: Verify the results using the impersonation feature.
In Site Admin, select the user you want to log in with.
Alternative method: using a different web browser to log in with the impersonated user.
If you're using, for example, Firefox in the session with the Administrator, you can open a different browser (like Chrome) to log in with the impersonated user in the second browser (a 'private' session in the same browser also works).
This way, you will maintain the administrator session open in the original browser. This will let you make any additional modifications.
In the second browser, use the URL of your application and log in with the credentials of the user you want to test.