Users and Groups¶
In ZoneControl, three “levels” of users exists:
All users can log in to the zone-management interface (unless the user is marked disabled). Staff-users can open the administrative web interface and, depending on their permissions, perform administrative tasks there. Finally, the superusers can perform all administrative tasks without being granted specific permissions.
A User is an entity that can log in to ZoneControl. When creating a User several attributes are requested:
Username: The name with which the user will log in
Password: The password for this User. Will be saved to the database in a hashed format
A User can be made part of zero or more Groups.
A User can additionally have zero or more Roles.
User Information and Configuration¶
Attached to users can be some extra information, several flags, and permissions.
The numbers below correspond with the numbers in Fig. 1.
Personal Info (1)¶
These fields are used to set some information on the user.
Users that are not active can not log in to ZoneControl. It is recommended to deactivate users when they should no longer be allowed to log in. This ensures that zone comments and zone versions are still attributed to this user. Removing the user will also remove this attribution.
Staff status (3)¶
A user with the staff-status is allowed to access the administrative web interface. They can perform administrative actions based on their permissions.
Super user (4)¶
A super user has all permissions implicitly and can access the administrative web interface.
Users can be part of one or more groups. A super user can add users to any groups, a staff user can only add users to groups they belong to.
These permissions are related to what a staff user can do in the administrative web interface. See Administrative Permissions for Staff users for information on administrative permissions.