dotProject Tutorial - User Management and Roles
!['Derivatives' Inception Movie Trailer Calculus Parody [HD]](http://img.youtube.com/vi/Yom-RNp7bdY/2.jpg)
Uploaded by TOPSwebLLC on 23.08.2011
Transcript:
Ok, so now we've added a project
we've added tasks and now the main thing we have to add users. Unless you are going to be a one man band and be the only user on your
your projects then you probably have multiple people
and will want to assign tasks to other people.
So first lets go to User Roles and this is a
I would say some of the trickier areas of
dotProject is User Roles and User Permissions
It's not overly complicated but then again it's not overly intuitive either.
We get there by going to system admin and then clicking on the user roles and here are the default
user roles that come as defaults with
dotProject. We have the admin which is description administrator
has full rights. Which are rights to what is called
admin modules and non admin modules.
To let you know the difference
a non admin module
would be the project tasks, calendar, companies, contacts, files, forms, tickets,
and
admin modules will be your user admin and your system admin.
Pretty simple.
we have anonymous
this is
essentially no login at all
Guests - this would be
very limited access, read only type access and then we have project worker. Project worker would be
no administrative rights but full
admin rights for
for the non admin modules
they have full write, edit, access capabilities
so administrative capabilities
and then you can create your own
you can name it whatever you want, give it a description, click ADD. Once it is added.... let me see if ican give you a quick example here..
Once it is added you can then adjust permissions to do that you'll click
the lock
icon
this takes you to the permissions screens where you can setup permissions for the role.
In order to do that, let's look at one that is already built as an example..
and
I'll show you how that is built
so lets take a look at how the admin role is built
all modules
ALL has access, add, edit, delete, view
...allow - OK so that means
we've selected admin modules, the items within the admin modules, all of them
and allowing the ability to do all these things
and ACL
administration which is the user administration
so the admin has all rights, all the things, all the time. So let's take a look
at something a little more restrictive.
Let's take a look at the project worker. . Probably the admin and the project worker is the most common
Let's take a look at that.
This has non admin modules
has full access to non admin modules
they can access, add, edit, delete, view and we're allowing that
the user table
They have full access to that as well. So they can access and view. But they can not delete users
They can't
edit them
and so forth.
There is no rights to the admin module.
They would not be able to see the system admin or the user admin, so the user table
in this case is the
they can
access or view the user table, meaning if there is a drop down that selects from users then they will be able to see that but not
make changes to the actual user list
Now let's take a look at...
let's edit the Role 'Test' and call it
client
Description is 'Spacely'
and this is going to be
'Spacely'
'Sprockets'
This example gets asked a lot -
Let's build some permissions for 'client'
so when I want to give access to a client
This is how I typically set one up.
First deny access
to the admin modules
so I deny
in whole
absolutely anything
this in more precautionary on my regard I guess.
now
ther is no access to the admin modules whatsoever
OK so now we're going to select which non admin modules we want the client to have access to
what we want them to be able to view
is projects, tasks,
calendar, and that is all. Nothing more.
and only for their company
so
this is where it gets a little funny. What we have to do first is deny all non-admin modules
so at this point the client has no rights
so now we will add 'Company'
we'll leave it to all and deny access to everything.
You may be asking me by now why are we doing all of this denying?
well
the whole idea is to
wipe the slate clean because if you don't there are little odds and ends that may pop up later
where a client may be able to see information that they should not have available to them (other customers).
What I like to do as a good practice is to deny access to everything and then build back what I want them to be able to see
this may seem a bit far fetched
but for me it is worth the time
so now, and we've denied all companies and I'm going to add this single client back to companies
give them access to the Spacely Sprokets. Give them access
View
they cannot ADD they cannot Edit, and can not DELETE
so now they have access and the ability to
if they are given a direct link. But right now the module is off-limits. We have to give those modules back to them
so go to
projects
and then
will allow that
access and view
we have to add tasks
access, view
and I'm going to keep task logs hidden for now. Sometimes project workers get too candid on the logs for the client view
Best thing is to keep client access to really only see the progress. So that is what they will be able to see.
We'll let them contact their Project Manager for
details
so right now what we have
is that we have denied access to everything and we brought back that they can see only the company - Spacely Sprockets and they can
see projects all projects that are Spacely Sprokets, all tasks
that are assigned to Spacely Sprockets
and I forgot to add Events, so we'll add that now...
and
just so you're
you can see... when we're looking at tasks, you literally limit a user to see only a single project if you want
so that's it. If I add a user and they have the client Spacely - there user rights are only going to give them project tasks
and events.
and we want to show them a calendar
and
add
OK
So these are the modules they will be able to see. Events are
a sub module of Calendar actually.
This way we've set a very limited scope of what the client is able to see. Because you don't want a client seeing other client's
information
that is user roles. Let's click submit
we'll add a user now and go to user admin
So let's add a couple of users. First
we'll give our client a login name of
Jane
We'll call her Jane
Jetson
and her user type
Spacely Sprocket client
will give her a password
and
Must have an email address -
and
you can send an e-mail
and click submit
Jane already has a role
as we've already set up permissions
we can override those permissions. She already has a role and right now we are giving her project tasks calendar
that sort of thing
for whatever reason if you need to add additional information such as FILES, we can just add
FILES from here that's what's a little
distressing the way permissions are set up in dotProject for me is that it should just give you the roles layout
and allow you to edit off of that but that's not how it works. You have to already know what the roles are.
if you have any questions about the user roles that are in dotProject by default you can click the
lock icon to see what those are or you can go to http://docs.dotproject.net
go there and search for creating user roles and it will give you, breakdown of how those are
made.
again we've created a role and now we can edit off of that particular role or add permissions or take away permissions from
that particular user's role
we can transfer
projects from one user to another
if there were any selected here and if this person had quit
you can give all their projects over to a another user
you can look at a user's project gannt chart with this user's
info. No project have been assigned yet here.
here is a list of what projects they have
user, keeps a log of
what is going on with this user
so we can also set preferences and this may look familiar
before we set
default preferences for all users
and now we have individual users can override those defaults and create their own so
let's say my base of people work in the United States but I have
Jane who is from Australia
she can come in and change things
and hit submit
and now we see the user list
when a user by default is added
there are not active and so you can change that in the system configuration for them to be active automatically
but by default you'd have come in here
and click this user
and activate her
so that is User Management. As I say it is a little bit tricky so for more information
please go to.http://docs.dotproject.net
try saying that 10 times in a row fast.
Thank you very much and that is User Management
we've added tasks and now the main thing we have to add users. Unless you are going to be a one man band and be the only user on your
your projects then you probably have multiple people
and will want to assign tasks to other people.
So first lets go to User Roles and this is a
I would say some of the trickier areas of
dotProject is User Roles and User Permissions
It's not overly complicated but then again it's not overly intuitive either.
We get there by going to system admin and then clicking on the user roles and here are the default
user roles that come as defaults with
dotProject. We have the admin which is description administrator
has full rights. Which are rights to what is called
admin modules and non admin modules.
To let you know the difference
a non admin module
would be the project tasks, calendar, companies, contacts, files, forms, tickets,
and
admin modules will be your user admin and your system admin.
Pretty simple.
we have anonymous
this is
essentially no login at all
Guests - this would be
very limited access, read only type access and then we have project worker. Project worker would be
no administrative rights but full
admin rights for
for the non admin modules
they have full write, edit, access capabilities
so administrative capabilities
and then you can create your own
you can name it whatever you want, give it a description, click ADD. Once it is added.... let me see if ican give you a quick example here..
Once it is added you can then adjust permissions to do that you'll click
the lock
icon
this takes you to the permissions screens where you can setup permissions for the role.
In order to do that, let's look at one that is already built as an example..
and
I'll show you how that is built
so lets take a look at how the admin role is built
all modules
ALL has access, add, edit, delete, view
...allow - OK so that means
we've selected admin modules, the items within the admin modules, all of them
and allowing the ability to do all these things
and ACL
administration which is the user administration
so the admin has all rights, all the things, all the time. So let's take a look
at something a little more restrictive.
Let's take a look at the project worker. . Probably the admin and the project worker is the most common
Let's take a look at that.
This has non admin modules
has full access to non admin modules
they can access, add, edit, delete, view and we're allowing that
the user table
They have full access to that as well. So they can access and view. But they can not delete users
They can't
edit them
and so forth.
There is no rights to the admin module.
They would not be able to see the system admin or the user admin, so the user table
in this case is the
they can
access or view the user table, meaning if there is a drop down that selects from users then they will be able to see that but not
make changes to the actual user list
Now let's take a look at...
let's edit the Role 'Test' and call it
client
Description is 'Spacely'
and this is going to be
'Spacely'
'Sprockets'
This example gets asked a lot -
Let's build some permissions for 'client'
so when I want to give access to a client
This is how I typically set one up.
First deny access
to the admin modules
so I deny
in whole
absolutely anything
this in more precautionary on my regard I guess.
now
ther is no access to the admin modules whatsoever
OK so now we're going to select which non admin modules we want the client to have access to
what we want them to be able to view
is projects, tasks,
calendar, and that is all. Nothing more.
and only for their company
so
this is where it gets a little funny. What we have to do first is deny all non-admin modules
so at this point the client has no rights
so now we will add 'Company'
we'll leave it to all and deny access to everything.
You may be asking me by now why are we doing all of this denying?
well
the whole idea is to
wipe the slate clean because if you don't there are little odds and ends that may pop up later
where a client may be able to see information that they should not have available to them (other customers).
What I like to do as a good practice is to deny access to everything and then build back what I want them to be able to see
this may seem a bit far fetched
but for me it is worth the time
so now, and we've denied all companies and I'm going to add this single client back to companies
give them access to the Spacely Sprokets. Give them access
View
they cannot ADD they cannot Edit, and can not DELETE
so now they have access and the ability to
if they are given a direct link. But right now the module is off-limits. We have to give those modules back to them
so go to
projects
and then
will allow that
access and view
we have to add tasks
access, view
and I'm going to keep task logs hidden for now. Sometimes project workers get too candid on the logs for the client view
Best thing is to keep client access to really only see the progress. So that is what they will be able to see.
We'll let them contact their Project Manager for
details
so right now what we have
is that we have denied access to everything and we brought back that they can see only the company - Spacely Sprockets and they can
see projects all projects that are Spacely Sprokets, all tasks
that are assigned to Spacely Sprockets
and I forgot to add Events, so we'll add that now...
and
just so you're
you can see... when we're looking at tasks, you literally limit a user to see only a single project if you want
so that's it. If I add a user and they have the client Spacely - there user rights are only going to give them project tasks
and events.
and we want to show them a calendar
and
add
OK
So these are the modules they will be able to see. Events are
a sub module of Calendar actually.
This way we've set a very limited scope of what the client is able to see. Because you don't want a client seeing other client's
information
that is user roles. Let's click submit
we'll add a user now and go to user admin
So let's add a couple of users. First
we'll give our client a login name of
Jane
We'll call her Jane
Jetson
and her user type
Spacely Sprocket client
will give her a password
and
Must have an email address -
and
you can send an e-mail
and click submit
Jane already has a role
as we've already set up permissions
we can override those permissions. She already has a role and right now we are giving her project tasks calendar
that sort of thing
for whatever reason if you need to add additional information such as FILES, we can just add
FILES from here that's what's a little
distressing the way permissions are set up in dotProject for me is that it should just give you the roles layout
and allow you to edit off of that but that's not how it works. You have to already know what the roles are.
if you have any questions about the user roles that are in dotProject by default you can click the
lock icon to see what those are or you can go to http://docs.dotproject.net
go there and search for creating user roles and it will give you, breakdown of how those are
made.
again we've created a role and now we can edit off of that particular role or add permissions or take away permissions from
that particular user's role
we can transfer
projects from one user to another
if there were any selected here and if this person had quit
you can give all their projects over to a another user
you can look at a user's project gannt chart with this user's
info. No project have been assigned yet here.
here is a list of what projects they have
user, keeps a log of
what is going on with this user
so we can also set preferences and this may look familiar
before we set
default preferences for all users
and now we have individual users can override those defaults and create their own so
let's say my base of people work in the United States but I have
Jane who is from Australia
she can come in and change things
and hit submit
and now we see the user list
when a user by default is added
there are not active and so you can change that in the system configuration for them to be active automatically
but by default you'd have come in here
and click this user
and activate her
so that is User Management. As I say it is a little bit tricky so for more information
please go to.http://docs.dotproject.net
Thank you very much and that is User Management