User administration

Each Wrapsite must define the users that have access to its wraps. User Roles and Workgroups are used for access control. User-related settings define rules for User registration, passwords etc.

User accounts are maintained separately per Wrapsite. User accounts have a unique username and password to access the Wrapsite.

User profiles add extra user information (e-mail address, address, telephone, etc). The User-related Wrapsite settings are described at the end of this document and control things such as password rules and the User registration process.

Users are assigned one or more Roles. Users may belong to a Workgroup.

To learn more about access control, visit the help page about the ExcelWraps permissions model.

The Audit Trail

Many system events related to Users can be logged in the Audit Trail: login/logout, failed login, password change, lost password, etc.

The Audit Trail can also register every time you create, edit, or delete a Role, or grant/revoke a Role for a User.

Users

Users are an integral part of the ExcelWraps permissions model. You define your users on your Wrapsite’s Administration > Users page.

Rules for usernames

The first character needs to be a letter, and the remainder either alphanumeric, or underscore (_).
The minimum length is 2 characters, and the maximum length is 255 based on business rules.

Valid usernames

A_
b_
cc
cA
IamAValidUserName1234

Invalid usernames

a  (too short)
1forall  (starts with a number)
Iamnot-valid (contains a hyphen)
I contain invalid spaces (contains spaces)
What+IsThis (contains a plus sign)

Page header

Screenshots of the Users page of a wrapsite

The Apply button performs the action selected in the Actions menu for the selected Users. The possible actions are:

  • Approve – Make users that have registered themselves eligible to log in to the Wrapsite.
  • Disable – Make users unable to log in.
  • Send challenge e-mail – Verify a user’s e-mail address by sending an e-mail with a verification link.

The monthly fee for ExcelWraps is based upon the count of approved/enabled users. Users that are disabled cannot log in and aren’t charged for.

The Filter setting allows you to show all approved users, users that are pending approval, or users that have been sent a verification e-mail but not clicked on the verification link yet. The Sort by setting allows you to order the Users by Name, E-mail address, or the time for their most recent login. Press the Filter button to apply the filter and sorting settings and refresh the list of Users.

Click on the Add a new user button to define a new user of the Wrapsite.

List header

The search boxes are used to find Users by filtering the corresponding column – just enter a part of the expected value for each applicable column and press Filter.

The checkbox in the column header selects all Users.

The Name column contains the name of the User.

The Email column contains the User’s e-mail address.

The Company column shows where the User works.

The Location column contains the name of the city where the User’s office is located.

The Roles column contains the Roles assigned to the User.

The Workgroup column contains the name of the User’s Workgroup.

The Actions column allows you to edit the User properties described below, or to Disable the User from logging in.

The Last Login Time column contains a timestamp for the User’s most recent login.

List entries

If you click on the name of a User, the Edit User window opens with the User’s properties.

List footer

The number of items per page is controlled by the Show parameter at the bottom of the list. If the number of items exceeds this setting, a page navigation control appears to the right of it, allowing you to navigate directly to the page you want.

Screenshot of the pagination options at the bottom of a list of items

Edit User

Clicking on the Edit link for a User allows you to modify some of the User’s properties:

  • User Name – The user name is set during registration and cannot be changed.
  • E-mail – The user’s e-mail address.
  • First Name – The given name or forename of the user. Be aware that in many cultures, the given name is written last, for example in Hungary, parts of Africa, and large parts of Asia. Do not assume that the name that is written first is the given name.
  • Last Name – The surname or family name of the user. Again, in many cultures, it may be written as the first part of the name.
  • Nick Name (or initials) – Should be unique since they appear in signatures to identify the user that signed the Wrap.
  • Company – The name of the company where the User works.
  • Location – The physical location (city, state/region, country) where the User is normally located.

Roles

The Roles defined on the Roles tab (see below) appear on the detail page for each User. To assign a Role to a User indefinitely, tick the corresponding checkbox.

Screenshot of a user definition where roles have been ticked off in a list

If one or more roles aren’t visible here, you may need to check your settings. The roles that are assignable to Users are globally controlled by Settings > ExcelWraps > Assignable Roles Pool, and you select the assignable roles per Workgroup in Users > Workgroups > Assignable Roles.

Dynamic Roles

You can dynamically assign Roles from a Competence Wrap using the UserRole function. If a User has been dynamically assigned a Role, it has an automatic expiration date instead of the tick in the box that the permanent Roles have. The User in the screenshot below has the Client Role until the expiry date, and the C-Mech Role until it is revoked.

Screenshot of User definition with a temporary role

If you tick the checkbox for a dynamic Role, you disable the automatic expiration and the Role becomes permanent – the User retains the Role until you untick the box. If the box is not ticked, or if you tick it and then untick it, the User still retains the Role until it expires automatically. The help for the UserRole function describes how to remove a dynamic Role.

Workgroup

When a new User is registered in ExcelWraps, he/she is not assigned to any workgroup and the Workgroup setting says None.

To assign a User to a particular Workgroup, select that group in the list.

Passwords

User passwords are defined when you register a new User. The formatting rules for passwords are documented under Passwords below. You can change a user’s password on the Passwords page described below.

Roles

Roles are an integral part of the ExcelWraps permissions model. You define your Roles on your Wrapsite’s Administration > Users > Roles page.

Adding a new role here does not necessarily make it visible in all lists of roles. When you assign permissions for Wrapgroups, the visibility of Roles is controlled by Settings > ExcelWraps > Displayed Roles. The roles that are assignable to Users are globally controlled by Settings > ExcelWraps > Assignable Roles Pool, and you select the assignable roles per Workgroup in Users > Workgroups > Assignable Roles.

Page header

Screenshot of the Roles tab on the Users page for a wrapsite

The Apply button performs the action selected in the Actions menu for the selected Roles. The only possible action is Delete which disconnects all Users from the Role and removes the Role definition. Note that this is an extremely rare action. You will have to manually grant the Role to all the applicable users again if you ever want to undo the delete.

Click on the Add a role button to define a new Role.

List header

The checkbox in the column header selects all Roles.

The Name column contains the name of the Role.

The Actions column allows you to edit the Role properties described below, or to delete the Role.

List entries

If you click on the name of a Role, the Edit Role window opens with the Role’s properties.

List footer

The number of items per page is controlled by the Show parameter at the bottom of the list. If the number of items exceeds this setting, a page navigation control appears to the right of it, allowing you to navigate directly to the page you want.

Screenshot of the pagination options at the bottom of a list of items

Edit Role

Clicking on the name of a Role in the list allows you to modify some of the Role’s properties:

  • Name – The Role name is set when the Role is defined, and shouldn’t be changed once you’ve started to use it.
  • Permissions – These are internal permissions mainly relating to the Orchard content management system used for ExcelWraps. Please contact Client Services if you believe you need to change these.

ExcelWraps feature permissions

You may want to assign some extended ExcelWraps permissions to particular Roles. In this case, scroll to the MoreVision.ExcelWraps Feature section and tick the ExcelWraps feature permissions required for the Role.

  • Override Wrap instance locks – TBD
  • Lock Wrap definitions – TBD
  • Managing Workgroup Users – This is used for workgroup administrators and enables them to assign users to workgroups.
  • Managing ExcelWraps – TBD
  • Managing Workgroups – This is used for workgroup administrators and enables them to create, rename and delete workgroups.
  • Restore Wrap definitions and their instances – By default, only Administrators can restore Wrap templates and Wraps. If you want to extend this permission to other roles, you tick this checkbox for all the affected roles.
  • Operate on behalf of others – Users with this Role can run Wraps that set or change the createdby field for selected Wrap instances.
  • Bulk Create PDF – Enables the user to request PDF generation for all wraps on the MyWraps Action menu.
  • Bulk Export PDF – Enables the user to export PDFs for all wraps on the MyWraps Action menu.
  • Manage MyWraps – TBD
  • Can Download Wrap source files – A user with this role can download Wrap templates in Excel format.

Passwords

Passwords are used to protect user identities as an integral part of the ExcelWraps permissions model. A password is set for each User when they are defined. You can change User passwords on your Wrapsite’s Administration > Users > Passwords page.

Password rules

By default, passwords must be at least seven characters long. They must contain at least one uppercase letter, one lowercase letter, one digit, and one special character. The special characters that you may use in passwords are

!@#$%^&*(){}[].

You can define local password rules at Administration dashboard > Settings > Users > Passwords must meet Custom requirements.

Page header

Screenshot of the Passwords page on the Administration dashboard

The search box is used to find Users by name or e-mail address – just enter a part of the name or e-mail address and press Enter. The Filter setting allows you to show all approved Users, Users that are pending approval, or Users that have been sent a verification e-mail but not clicked on the verification link yet. The Sort by setting allows you to order the Users by Name or E-mail address. Press the Filter button to apply the filter and sorting settings and refresh the list of Users.

List header

The down arrow in the column header selects all Users.

The Name column contains the name of the User.

The Email column contains the User’s e-mail address.

The Actions column allows you to change the password for the User.

List entries

If you click on the name of a User, the Change Password window opens.

List footer

The number of items per page is controlled by the Show parameter at the bottom of the list. If the number of items exceeds this setting, a page navigation control appears to the right of it, allowing you to navigate directly to the page you want.

Screenshot of the pagination options at the bottom of a list of items

Change Password

Clicking on the Change Password link for a User allows you to change the User’s password. The formatting rules for passwords are described above.

Screenshot of the Change Password window

In the form, assign a temporary password for the user and enter it again in the second field to avoid typing errors, then press Save.

Instruct the user to log in using the temporary password, then change it again to ensure that each user has a password that cannot have been intercepted in transit and isn’t known to anyone else.

Workgroups

Workgroups are an integral part of the ExcelWraps permissions model. You define your Workgroups on your Wrapsite’s Administration > Users > Workgroups page.

Page header

Screenshot of the Workgroups tab on the Users section of the Administration dashboard

The Apply button performs the action selected in the Actions menu for the selected Workgroups. The only possible action is Delete which disconnects all users from the selected Workgroup and removes the Workgroup definition. The Users in the Workgroup are not deleted.

Click on the Add button to define a new Workgroup.

List header

The down arrow in the column header selects all Workgroups.

The Name column contains the name of the Workgroup.

The Tags column contains the tags used to select this Workgroup when it is trusted with an instance belonging to another Workgroup.

The Trusted Workgroups column contains the names of the Workgroups that this Workgroup permanently trusts with access to its Wraps.

List entries

If you click on the name of a Workgroup, the Edit Workgroup window opens with the Workgroup’s properties.

List footer

The number of items per page is controlled by the Show parameter at the bottom of the list. If the number of items exceeds this setting, a page navigation control appears to the right of it, allowing you to navigate directly to the page you want.

Screenshot of the pagination options at the bottom of a list of items

Edit Workgroup

Clicking on the name of a Workgroup in the list allows you to modify some of the Workgroup’s properties:

  • Name – The Workgroup name is set when the Workgroup is created and cannot be changed.
  • Description – This is a free-text description of the members in the Workgroup.
  • Tags – Workgroup Tags are used together with the WorkgroupSelector widget to trust a single instance of a Wrap to another Workgroup.
  • Default Workgroup Culture – This defines the regional settings for the Workgroup, e.g. date, time, and number formats.
  • Default Workgroup Time Zone – Sets the time zone for the Workgroup.
  • Assignable Roles – If you delegate administration of a Workgroup to a local administrator, you have the option of delegating administration also of the User Roles that you select here. Unchecking a role here means that the local Workgroup admin won’t be able to assign it to a User in the Workgroup. The roles that appear in this list are selected in Settings > ExcelWraps > Assignable Roles Pool
  • Trusted Workgroups – Tick the box for each other Workgroup this Workgroup is trusting with access to its Wraps. For more information about trusted workgroups, read the Wrapgroups and Workgroups help page.

Settings related to User administration

There is a group of settings on the Administration dashboard > Settings > Users that control User administration.

  • Users can create new account on the site – This allows new users to apply for an account on the Wrapsite. It saves you the time entering the User’s details and they still need your approval to be able to login.
  • Users require an e-mail address – If Users register themselves, you should tick this to make an e-mail address mandatory.
  • Passwords must meet Custom requirements – If your organization has certain requirements on User passwords, tick this box and define the local rules.
  • Display a link to enable users to reset their password – Tick this box if Users should be able to initiate a reset of their password if they’ve forgotten it and are unable to log in. An e-mail is sent to the User’s registered e-mail address allowing the User to define a new password.
  • Users must verify their email address – It is easy to make a typo in an e-mail address. Tick this box to have an e-mail sent to each new User asking them to confirm their e-mail address by clicking on a link in the e-mail.
  • Users must be approved before they can log in – This is used when Users can register themselves to ensure that all Users are approved.
  • Moderators – A list of User names that are allowed to approve new Users.
  • Session Timeout – A timer logs Users off the system automatically after this may minutes of inactivity. If the User has left his/her screen unattended, this reduces the risk that someone passing by the User’s screen gets unauthenticated access to the Wrapsite.