Security objects editing

In this section we will briefly discuss how to edit Security main objects via the admin panel.

Users

Control elements in user editing form have the following functions:

1. Name - user name.
2. Email - user e-mail, which can be used for notification. It is critical if you're using external authentication providers.
3. Login - user login, which is required if we want our user to be authenticated by login and password (hash), stored in DWKit database.
4. Password - user password, its hash is stored in DWKit database.
5. Domain login - this field is required, only if you're using Windows domain authentication. This mechanism is outdated, and we recommend to use it for compatibility reasons only. We suggest using external authentication providers.
6. Locked - if you check this checkbox, user will not be able to log in and perform any operations in the system.
7. RTL - if you check this checkbox, user will see right-to-left interface both in the admin panel and in the main app.
8. Localization - localization file name, which will be loaded for user.
9. Groups - user groups list.
10. Roles - user roles list.
11. External logins - user credentials list, created when authenticating via external authentication providers.
12. Save - saving user entity to database.
13. Close - exit without saving.

User groups

User groups editing interface is very simple. Here we can specify group name and list of roles assigned to all users in the group. Sync with domain checkbox means that the group was received via LDAP. Learn more about LDAP here.

Permissions and permission groups

Permissions editing interface displays all groups and permissions in the system. Its control elements have the following functions:

1. Create a group - button for creating new group of permissions.
2. Save - saves all changes made in current view.
3. Cancel - cancels all unsaved changes.
4. Code - permissions group system name.
5. Name - permissions group name.
6. Code - permission system name.
7. Name - permission name.
8. Button for deleting permission from group.
9. Delete group - button for deleting group of permissions.
10. Create a permission - button for creating new permission in group.

You can see that one group of permissions can contain multiple permissions.

Roles

We must specify role-related type of access for each permission in role editing interface. There can be three types of access:

• inherited - i.e. non-defined.
• allow
• deny

Learn more about calculating result values for permissions in the following section. Control elements in this interface have the following functions:

1. Redirect to the list of all roles in the system.
2. Edited role name.
3. Save - saves all changes, made in current view.
4. Cancel - cancels all unsaved changes.
5. Code - role system name.
6. Name - role name.
7. Permissions group name, cannot be edited.
8. Permission name, cannot be edited.

• Elements 9-11 allow us to select one of the three types of access for permission (inherited, allow, deny).

12. Reset - sets all permissions in group as inherited.
13. Allow - sets all permissions in group as allow.
14. Deny - sets all permissions in group as deny.