Verify the privileges the user is in using Overview and impersonation features
Overview: verify the privileges users have
Question: Why this user sees a feature he is not supposed to see?
Answer: The user might have more privileges activated than necessary. To enable/disable user privileges, you need to verify the Roles property.
With Overview you will be able to observe in one glance user Privileges and many other user's properties.
1. Log in to your application with an Administrator.
2. Right-click in the user and select Overview.
3. Check the user Roles
In the same Window, under 3. Privileges you can see all the privileges contained under the Role of the user _Operator
Now you know which Role you have to modify to adapt this user to your needs.
Roles: enabling/disabling privileges for your users
Question: How can I enable/disable privileges for my user?
Answer: Change the user Roles by assigning/removing properties.
1. Go to Admin > Roles.
2. Click in the Role you want to change.
(Recommendation: In the case of wanting to revert changes, create a Copy of the current role and modify this one instead).
3. Select which users will have this Role.
4. Enable/disable the necessary privileges for this particular role.
4. Click on Save.
- If you change the role, it will affect ALL the users in the same role.
- Read more in privileges and features to understand what each privilege means.
- Users can belong to multiple roles. The roles could be overlapped in privileges. Make sure your users belong to the proper Roles.
Impersonating users: test your user Roles and privileges assigned to them.
Question: How can I verify if my privileges are working?
Answer: Verify the results using the impersonation feature.
From SiteAdmin, select the user you want to login with.
Alternative method: using a different web browser to login with the impersonated user.
If you're using, for example, Firefox in the session with the Administrator, you can open a different browser (like Chrome) to login with the impersonated user in the second browser (an In-Private session in the same browser also works).
This way, you will maintain the Administrator session opened in the original browser, in case you want to introduce new modifications.
In the second browser, use the URL of your application and login with the credentials of the user you want to test.