Drupal User Management and Access Control Wade Cline Mohammed Al khater Y. Alejandro Garcia
Overview • What is user management / access control? • Why are user management and access control important? • Functionality and database organization in Drupal • Access rules • Roles and Permissions • Users and User settings
What is user management and access control? • User management: an authentication feature that lets administrators identify users and control how those users use the resources available in a website or system. • Access control: a mechanism in a website or system that controls access by granting or rejecting access requests.
Importance • User management and access control add: • Security • Avoids spam • Restricts access • Authenticates users • Personalized information • Pictures, signatures • Easy management of user accounts • Create, edit, delete, and assign privileges
Access Rules • To register on a website, users must provide: • Username • Email address • Administrators can disallow access based on usernames, email addresses, and IP addresses.
Access Rules • Useful when you want to deny access to all users with certain email addresses, usernames, or websites. • e.g. thief@hacker.net • e.g. freecoupons • www.seriousspammer.com • Also useful when you want to allow only users with @institutions.edu addresses to create accounts on your site. • User must have an .edu email to get a discount • For example: Facebook's membership was initially limited by the founders to Harvard students.
Let’s take a look at the database… Rules are stored in the Access table
Schema Diagram • Independent entity
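A sketch of how deny and allow rules like the ones above can be evaluated, added here as an illustration; it is not taken from the slides or from Drupal's own code. The table layout (type, mask, status), the SQL LIKE wildcard masks, the rule that a matching allow rule overrides any matching deny rule, and all sample rules and addresses are assumptions of this sketch.

```python
import sqlite3

# Constructed sample rules: (type, mask, status); status 0 = deny, 1 = allow.
BLOCKLIST = [
    ("mail", "thief@hacker.net", 0),   # one address
    ("user", "freecoupons%", 0),       # usernames starting with "freecoupons"
    ("host", "203.0.113.%", 0),        # an address range (documentation prefix)
]
EDU_ONLY = [
    ("mail", "%", 0),                  # deny every address ...
    ("mail", "%@institutions.edu", 1), # ... except this domain
]

def build_db(rules):
    """Create an in-memory stand-in for the access table (assumed layout)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE access (aid INTEGER PRIMARY KEY, "
               "type TEXT, mask TEXT, status INTEGER)")
    db.executemany("INSERT INTO access (type, mask, status) VALUES (?, ?, ?)",
                   rules)
    return db

def is_denied(db, rule_type, value):
    """Denied when some deny rule matches and no allow rule matches."""
    sql = ("SELECT 1 FROM access WHERE type = ? AND status = ? "
           "AND LOWER(?) LIKE LOWER(mask) LIMIT 1")
    denied = db.execute(sql, (rule_type, 0, value)).fetchone()
    allowed = db.execute(sql, (rule_type, 1, value)).fetchone()
    return denied is not None and allowed is None

def can_register(db, username, mail, host):
    """A registration passes only if no rule type denies it."""
    checks = (("user", username), ("mail", mail), ("host", host))
    return not any(is_denied(db, t, v) for t, v in checks)

if __name__ == "__main__":
    db = build_db(BLOCKLIST + EDU_ONLY)
    for name, mail in [("bob", "bob@institutions.edu"),
                       ("bob", "bob@example.org"),
                       ("freecoupons4u", "x@institutions.edu")]:
        print(name, mail, can_register(db, name, mail, "198.51.100.7"))
```

Because an allow rule wins over every deny rule of the same type in this model, a broad allow mask such as `%@institutions.edu` also re-admits any single address under that domain that was denied individually, so allow masks deserve review whenever a deny rule is added.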
Roles and Permissions • Why do we need them? • How do they work, how can we use them? • How is the database organized?
Why do we need them? • Control access to data • A user should only be able to view and/or modify specific content • Encapsulation
How does it work? • Roles • Access control based on user's assigned roles. • Users have one or more roles • Roles determine what users can and cannot do through permissions • Blocks (such as 'Who's Online') are displayed based on a user's role
How does it work? • Permissions • Define how users can access and modify certain data • Many permissions per role
Under 'User Management' select either 'Permissions' or 'Roles'
Clicking “edit role” gives a smorgasbord of two options: renaming and deleting.
Clicking “edit permissions” allows you to edit permissions for a specific role
Selecting 'Permissions' from under 'User Management' allows editing of all permissions at once
How is the database organized? • Users are related to roles • Roles are related to permissions • Blocks are related to roles
User Settings • User registration settings • User E-mail • Signatures • Pictures
User registration settings - Only administrators can create new accounts - Visitors can create accounts with no approval - Visitors can create accounts with administrator approval - Add text, displayed at the top of the registration page, that guides the new user
User E-mail Settings • Welcome, new user created by administrator • Welcome, no approval required • Welcome, awaiting administrator approval • Password recovery email • Account activation email • Account blocked email • Account deleted email Variables: !username, !site, !password, !uri, !uri_brief, !mailto, !date, !login_uri, !edit_uri, !login_url
User E-mail Settings (cont.) Password recovery email
Signatures and pictures • Each can be enabled or disabled
Users • The user module allows users to register, log in, and log out. Users benefit from being signed in because it lets them access the information they created and grants the permissions assigned to their roles. • Two ways to create a user • Create a user while logged out • Use the administrative user to create a new account
Create a user while logged out • Click on the link Create new account • It will take you to the User account page >Punctuation not allowed except periods, hyphens, & underscores >Valid e-mail >Note: This will create an authenticated user, which has all permissions that have been assigned to that role.
Use the administrative user to create a new account • Administer • User management • Users (Then follow the instructions on that page)
Users - list • This allows you to specify several “filter” conditions, which cut down the search and give a more manageable result. This becomes more relevant and important as the site accumulates more users.
Users – list (cont.) We can view the users’ account information by clicking on the edit link
Relation tables M : 1 M : 1 M : 1