Changeset 12916 for main/waeup.kofa

Timestamp:

8 May 2015, 08:14:33 (9 years ago)

Author:

Henrik Bettermann

Message:

More docs.

Location:

main/waeup.kofa/trunk/docs/source/userdocs

Files:

• Grok_UI.png (added)
• users.rst (modified) (1 diff)

main/waeup.kofa/trunk/docs/source/userdocs/users.rst

@@ -25 +25 @@
 ========
 
-Officers are users with a dedicated user account object stored in the :py:class:`users container <waeup.kofa.userscontainer.UsersContainer>` which is located in Kofa's root container. The officer accounts object has two more attributes than the principle which is created from the account data: (1) a `roles` attribute which is a list of global role names assigned to the officer, and (2) private `_local_roles` attribute which is a dictionary of local role elements.
+Officers are users with a dedicated user account object stored in the ``users`` container (of type :py:class:`UsersContainer <waeup.kofa.userscontainer.UsersContainer>`) which is located in Kofa's root container. The officer account object has two more attributes than the principle instance which is created from the account data: (1) a `roles` attribute which is a list of global role names assigned to the officer, and (2) a private `_local_roles` attribute. The latter maps local role names to lists of objects the respective local role applies to. This information is important because local role assignment is originally stored only with the objects the role applies to and not with the user who got the role. When removing a user, Kofa iterates over the mapping and the list of objects in order to remove all these local role assignments denoted in the mapping.
 
-xxxxxxxxxxxxxxxxxxxx
+The management of portal officers is done in the 'Officers' section of Kofa. The management page shoes all officers registered in the portal together with their global and local roles. The table  can be easily sorted or filtered.
 
-The latter is only for information purposes and not further used for authorization or permissions management.
-
-The management of portal officers is done in the 'Officers' section of Kofa. The management page shoes all officers registered in the portal. The table can be easily sorted or filtered.
 
 Manager
 =======
 
-user type      user id  authenticated  account  portal UI access
+There is exactly one manager account (user id ``zope.manager``) in Kofa. The manager has access to the root instance of the Kofa application which has its own user interface. Through this 'Grok' user interface (see screenshot) the manager can access some basic functions to manage the database and also access the Kofa user interface.
+
+
+.. image:: Grok_UI.png
+
+Although the manager automatically gains all permissions the system defines, this real superuser neither has an account in Kofa nor can access Kofa through its regular login page.