Skip to content

Users

Jump to bottom Edit New page
Vess Popov edited this page Sep 10, 2019 · 8 revisions

The Users tab in the Concerto administration panel is used to determine who has access to that Concerto instance, in other words who can create or edit test content. Users is used in this sense in these guides, and is unrelated to any participants that may have completed a test.

Creating a user

Go to the Users tab in the Concerto administration panel. Here you can see a list of all the user accounts with some level of access to this Concerto instance.

1. Click on ‘Add new’ to create a new user.

2. There are four required fields – login, password, password confirmation and email. Input user1 as the login and password1 as the password for this example. Click Save.

3. The newly created user will appear in the list. You can now log out by clicking the button in the top-right corner and log back in using the new user credentials (user1, password1) to check that it has worked. If you need to edit the properties of any user, just click the Edit button highlighted.

Accessibility settings

All tests, templates, data tables, users, etc. in Concerto are objects that can have accessibility properties. When object accessibility is used in conjunction with user accessibility, you can make it so that certain users can only work on certain objects.

Objects have three levels of accessibility:

  • private – Object can only be accessed by owner of the object, or super admins.
  • group – Object can be accessed by owner, users belonging to the same group as the object, or super admins.
  • public – Object can be accessed by anyone logged in to the administration panel.

Similarly, Users can have three levels of accessibility:

  • private – User can only access objects that are owned or created by them
  • group – User can access all objects that belong to a defined set of groups
  • public – User can access all objects whose accessibility setting is set to public

Super admins

When you start a new Concerto instance there will, by default, be an admin user created with the property of ‘super admin’. Super admin users can perform operations on all objects and all users without limitation. This property should be reserved or avoided altogether in line with your organisation’s information security policy and the principle of least privilege. In other words, it is good practice to limit the access rights of users to the bare minimum permissions they need to perform their work. This means that if one of your user accounts is breached, it will not necessarily compromise the entire application.

Using groups

Assigning objects and users to groups is an effective way to manage permissions when you have clearly defined scopes of permissions. They allow a lot of flexibility in who can access what, so the example below will help to illustrate how this might be used in a hypothetical scenario where several test developers are working on independent projects on the same instance which share some but not all resources.

Walkthrough

Imagine we have 3 Concerto developers – Users A, B and C – who are developing 3 different tests. All users’ new tests have different logic but the same front-end design for the test page. User A’s test and User B’s test share a data table (normTable), but this contains data that is not relevant for User C. User B’s test and User C’s test both show the same thank you page at the end of the test, but this is not shown or needed by User A’s test. In this scenario, we want to achieve the following:

  • All users can access the testPage template
  • Only Users A and B can access the normTable data table
  • Only Users B and C can access the thankYou template
  • Other than that, users cannot access any other test content that is not their own

1. Create the objects we’ll be working with (don’t worry about adding any content to them):

  • Create 1 data table – call it normTable
  • Create 2 templates – call one of them testPage and the other one thankYou
  • Create 3 tests – call them testA, testB, testC

2. Apply ‘group’ attributes to your objects. We are going to accomplish what we want by assigning objects to one of two groups – red or green – and then having different users able to access one or more of these groups.

Go to the Data Tables tab and click edit on the normTable you created.

Change the Accessibility of this data table to group by selecting it from the dropdown. In the Groups field, write red. This means that this object will only be visible to users assigned to the red group. Click Save.

Go to the Templates tab and click edit on the testPage template you created.

Change the Accessibility of this template to public by selecting it from the dropdown. This will mean that it is accessible by anyone logged into the admin panel. Click Save.

Now edit the thankYou template. This time set the accessibility to group and in the Groups field, write green. Click Save. This means that this object will only be visible to users assigned to the green group.

3. Create users

Go to the Users tab and click Add new. Create a user called userA, with password ‘password’ and email [email protected]. We want user A to be able to access the normTable, which is in the red group. So write red in the Groups field. You also need to tick all of the checkboxes except Super admin and Archived to enable this user to be able to see all tabs in Concerto. Make sure it looks as below and then click Save.

Create another user. Call them userB, with password ‘password’ and email [email protected]. We want user B to be able to access the normTable, which is in the red group, and also the thankYou template, which is in the green group. So this time write red,green in the Groups field. This field looks for a comma-separated list of groups to which this user should belong. Tick all the checkboxes except Super admin and Archived, make sure it looks as below and then click Save.

Create another user. Call them userC, with password ‘password’ and email [email protected]. We want user C to be able to access the thankYou template, which is in the green group. So write green in the Groups field. You get the idea…make sure it looks as below and then click Save.

4. Set owners of test objects
We want tests to only be accessible by their owners, so we need to set the Owner property for each one because in this case the test objects have been created by the admin user. Objects will be owned by the user who created them by default.

Go to the Tests tab and click Edit on the testA row.

Click on the dropdown for the Owner field and select userA to make them the owner of testA. Click Save.

Repeat this process to make userB the owner of testB and userC the owner of testC. Save your changes and we’re done. You could also have accomplished the same thing using groups, by creating new groups to which only one user belongs and assigning tests to these as relevant.

Testing

1. Log out of Concerto and log in again with login userA and password password. On the Tests tab, you should see testA but not testB or test C. On the Templates tab you should see the testPage template but not the thankYou template. On the Data Tables tab you should see normTable.

2. Log out and log in again with login userB and password password. On the Tests tab, you should see testB but not testA or testC. On the Templates tab you should see both testPage and thankYou. On the Data Tables tab you should see normTable.

3. Log out and log in again with login userC and password password. On the Tests tab, you should see testC but not testA or testB. On the Templates tab you should see both testPage and thankYou. On the Data Tables tab you should NOT be able to see normTable.

Add a custom footer
Add a custom sidebar
Clone this wiki locally