Basics | Plugins | Howtos | Applications

The `users` plugin¶

Overview ¶

The lino.modlib.users plugin is used in most Lino applications. It defines the database table for storing user accounts, actions for signing in and out, editing user settings. It also manages the permissions given to each user.

User settings ¶

You can open this window by clicking on the My settings quick link or selecting the menu item of same name in the user menu.

User settings are stored in the database using the lino.modlib.users.User database model.

User settings are the part of a user account that can be edited by the users themselves.

Manage user accounts ¶

As a site manager you can add new users and edit existing users via the Configure ‣ System ‣ Users menu command.

Double-clicking on a row in this data table opens the User settings of that user.

The site manager ¶

A site manager is a privileged site user who is responsible for managing the list of user accounts on a given Lino site.

A site manager never needs to specify the current password when setting a new password for any user account.

A site manager can optionally specify a date when a user started or stopped to be active.

User types and user roles ¶

You can see the user types available on your Lino site via Explorer ‣ System ‣ User Types. Here is a typical list of user types:

value	name	text
000	anonymous	Anonymous
100	user	User
900	admin	Administrator

Another menu command might be interesting: Explorer ‣ System ‣ User roles. This table shows the user roles defined on your site and for each user type whether it has that role or not. Lino consults this table when deciding whether to give permission (or not) to see certain menu commands.

Name	000	100	900
comments.CommentsStaff			☑
comments.CommentsUser		☑	☑
contacts.ContactsStaff			☑
contacts.ContactsUser		☑	☑
excerpts.ExcerptsStaff			☑
excerpts.ExcerptsUser		☑	☑
office.OfficeStaff			☑
office.OfficeUser		☑	☑
xl.SiteAdmin			☑
xl.SiteUser		☑

These tables are maintained by the application developer. You cannot edit them. They are interesting for end users who want to understand what every user type does. If you think that something is wrong with the user permissions on your site, then talk about user roles with your site expert.

Acting as another user ¶

There is a menu entry Act as… in the user menu, which you use in situations where you act in the name of another user.

That other user must have given you authority to do so. Except if you are a site manager, because a site manager can act as anybody else without having an explicit authority.

Use cases:

calendar entries for a social agent can be made by a reception clerk
One user creating a comment while working as another user

TODO: write more explanations.

Online registration ¶

Your Lino site may have online registration enabled.

TODO: write more explanations.

Third-party authentication ¶

The users.third_party_authentication feature can be enabled by the server administrator. When this is enabled, you must also create “applications” on some third-party auth provider (Google, Facebook).

TODO: write more explanations.

Authentication ¶

Authentication is the process that happens when an end user signs in. It includes:

Ask for user credentials (username and password)
Look up the user account from the database.
Verify whether password is valid
Optionally use other authentication methods
Store the users.User instance in the Session instance.

Glossary ¶

This documentation page introduces the following concepts.

user account¶

A database row with information about a given site user.

My settings¶

A quick link and an entry in the user menu that opens a detail window where you can edit your user settings.

user type¶

The type of a user account, which defines the user’s permissions. See User types and user roles.

user role¶

A role within the application that can be assigned to a given user type. User roles are the atomic units for handling user permissions in Lino. See User types and user roles.

user permissions¶

The set of functionalities and data to which a given site user has access. This set is defined by the user type.

authority¶

The fact that one user gives another user the right to act in their name. See Acting as another user.

online registration¶

A feature of a Lino site that allows new end users to create a user account without (or with little) interaction of the site manager. See Online registration.

Sign in¶

The action of telling a Lino site who you are. See Authentication.

Sign out¶

Tell Lino that you no longer want to be treated as an authenticated user and want to become anonymous again.

This is an item of the user menu.

demo mode¶

Operation mode of a Lino site where the welcome text for anonymous users says “This demo site has X users, they all have “1234” as password”, followed by a list of available usernames. A visitor can sign in just by clicking on a user name.

The demo mode should obviously be switched off on a production site.

The demo mode is activated by setting lino.core.site.Site.is_demo_site to True in your settings.py file.

verification code¶

A code sent to a user via email for verification.

The users plugin¶

The `users` plugin¶