Jingga/oms-Admin
1
0
Fork 0
mirror of https://github.com/Karaka-Management/oms-Admin.git synced 2026-01-26 12:08:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/Orange-Management/oms-Admin into develop

Browse Source
This commit is contained in:
Dennis Eichhorn 2020-06-25 22:03:05 +02:00
commit 9b5286c11d
7 changed files with 389 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Docs/Developer/de/SUMMARY.md Normal file
View File

@ -0,0 +1,5 @@
# User Content
* [Settings]({%}&page=Help/settings)
* [Accounts]({%}&page=Help/accounts)
* [Groups]({%}&page=Help/groups)

7
Docs/Developer/de/accounts.md Normal file
View File

@ -0,0 +1,7 @@
# Accounts
## DataMapper
## Controller
## API

5
Docs/Help/de/SUMMARY.md Normal file
View File

@ -0,0 +1,5 @@
# User Content
* [Settings]({%}&page=Help/settings)
* [Accounts]({%}&page=Help/accounts)
* [Groups]({%}&page=Help/groups)

113
Docs/Help/de/accounts.md Normal file
View File

@ -0,0 +1,113 @@
# Accounts
In `Accounts` you can create, delete and modify the accounts. Accounts are necessary for almost all data associated to persons or organizations. Usually modules either create new accounts when they want to store personal data or use an existing account for which the data should be stored.
## General
![General Settings](Modules/Admin/Docs/Help/img/accounts/accounts_general.png)
### ID
The id (unique identifier) is automatically generated.
### Type
An account can be either a:
* `Person`
* or a `Organization`
Both types can have the same permissions and functionality. This can be helpful for a lot of modules that rely on organizations or companies (e.g. a sales module that handles people as customers but also companies as customers).
### Status
An account has the following status:
* Active
* Inactive (usually used for long inactive accounts)
* Timeout (usually used for timeouts in case of bad behavior which will be automatically revoked after a certain time)
* Banned (usually used to disable accounts for an indefinite time)
### Username
Name of the account which can be shown in various places instead of the full name.
### Name1 - Name3
The name of the account. In some cases 3 names are necessary such as first name, middle name and family name. If more than 3 names are required you have to additionally put them into one of the 3 name fields.
### Email
The email field is the main email contact address for the account. This email address will be also used for password recovery.
### Password
The password field can be used to overwrite the current account password. If the password gets changed the user will also receive a notification email.
Alternatively click the `Reset` button and the account will receive an email with a temporary link redirecting the user to a page where he can change the password.
The required password structure is defined in the general settings.
## Permissions
![General Settings](Modules/Admin/Docs/Help/img/accounts/accounts_permissions.png)
Permissions have the following components which can be combined to either address a wide e.g. range of units, applications or modules or in order to address a very specific combination of those.
### Unit
The unit this permission is set for. Leave empty to address all units
### App
The application this permission is set for. Leave empty to address all applications
### Module
The module this permission is set for. Leave empty to address all modules
### Type
The type is a `module` specific subpart which only should be set if the module is defined in the permission. For further information what kind of types are available for a module please refer to the module specific documentation. Usually it refers to a single page of a module.
### Element
The element is a `module` and `type` specific subpart which only should be set if the `type` is defined in the permission. For further information what kind of elements are available for a module and type please refer to the module specific documentation. Usually it refers to a section on a module page.
### Component
The component is a `module`, `type` and `element` specific subpart which only should be set if the `element` is defined in the permission. For further information what kind of components are available for a module, type and element please refers to the module specific documentation. Usually it refers to a single input or option in a module.
### Permission
The actual permission consists of create (C), read (R), update (U), delete (D), permission (P) options.
#### Create (C)
This allows a user to create something. Usually a user should also have (R) permission in this case.
#### Read (R)
This allows a user to read/see something.
#### Update (U)
This allows a user to update/modify something. Usually a user should also have (R) permission in this case.
#### Delete (D)
This allows a user to delete/remove something. Usually a user should also have (R) permission in this case.
#### Permission (P)
This allows a user to change permissions. Usually a user should also have (C, R, U, D) permissions because the user could just give himself these permissions anyways. Only selected users should have this permission even if it is only specified for a specific module, type, element or component.
## Groups
![General Settings](Modules/Admin/Docs/Help/img/accounts/accounts_groups.png)
In the groups section you can see all groups that this account is assigned to and you can also add or remove the account to other groups. If you would like to add the account to the same groups as a different account just select the account whose groups you would like to copy and the account will be added to the same groups (one time only, there will be **no relation** between the two accounts.
## Audit Log
In the audit log you can see all the changes of the group.

83
Docs/Help/de/groups.md Normal file
View File

@ -0,0 +1,83 @@
# Groups
In `Groups` you can create, delete and modify the groups. Groups are global for all applications and units. If you want to have application or unit specific permissions you can do so in the group.
## General
![General Settings](Modules/Admin/Docs/Help/img/groups/groups_general.png)
### ID
The id (unique identifier) is automatically generated.
### Name
In some cases it makes sense to put some additional information in the group name. In some cases a group is only for a specific unit or application in such a case it could make sense to prefix the group name e.g. `unitname_groupname` or `appname_groupname`. Group names can be changed any time without any side effects.
### Description
Sometimes it makes sense to provide some additional information for a group. In such a case you can add this in the description field.
## Permissions
![General Settings](Modules/Admin/Docs/Help/img/groups/groups_permissions.png)
Permissions have the following components which can be combined to either address a wide e.g. range of units, applications or modules or in order to address a very specific combination of those.
### Unit
The unit this permission is set for. Leave empty to address all units
### App
The application this permission is set for. Leave empty to address all applications
### Module
The module this permission is set for. Leave empty to address all modules
### Type
The type is a `module` specific subpart which only should be set if the module is defined in the permission. For further information what kind of types are available for a module please refer to the module specific documentation. Usually it refers to a single page of a module.
### Element
The element is a `module` and `type` specific subpart which only should be set if the `type` is defined in the permission. For further information what kind of elements are available for a module and type please refer to the module specific documentation. Usually it referes to a section on a module page.
### Component
The component is a `module`, `type` and `element` specific subpart which only should be set if the `element` is defined in the permission. For further information what kind of components are available for a module, type and element please refer to the module specific documentation. Usually it refers to a single input or option in a module.
### Permission
The actual permission consists of create (C), read (R), update (U), delete (D), permission (P) options.
#### Create (C)
This allows a user to create something. Usually a user should also have (R) permission in this case.
#### Read (R)
This allows a user to read/see something.
#### Update (U)
This allows a user to update/modify something. Usually a user should also have (R) permission in this case.
#### Delete (D)
This allows a user to delete/remove something. Usually a user should also have (R) permission in this case.
#### Permission (P)
This allows a user to change permissions. Usually a user should also have (C, R, U, D) permissions because the user could just give himself these permissions anyways. Only selected users should have this permission even if it is only specified for a specific module, type, element or component.
## Accounts
![General Settings](Modules/Admin/Docs/Help/img/groups/groups_accounts.png)
In the accounts section you can see all users that are assigned to this group and you can also add or remove accounts. If you would like to add all users from a different group simply select the group and all the users that are part of this group will be added to this group as well (one time only, there will be **no relation** (e.g. parent/child group) between these two groups).
## Audit Log
In the audit log you can see all the changes of the group.

83
Docs/Help/de/introduction.md Normal file
View File

@ -0,0 +1,83 @@
# Introduction
The **Admin** module is one of the essential core modules that is always required. This module handles basic account, group and module management.
## Target Group
The target group for this module is everyone, since every application must have this module. However mainly administrators should have access permissions to this module since core application settings can be changed.
# Setup
This module doesn't have any additional setup requirements since it is installed during the application install process. This module cannot be uninstalled if it is manually deleted from the hard drive please manually download the module from the page and put it into the `Modules/` directory.
# Features
## Application Settings
The module provides basic application settings such as:
### Security
The following are only the customizable security settings. Many security settings are fixed within the application and in addition security settings (e.g. iptables) should be done on the server-side.
* Password structure
* Password change interval
* Auto updates for modules
### Localization
The localization settings are only for the server, accounts can have their own localization settings which is especially important for international use.
* Location
* Language
* Time format
* Numeric (number and currency format)
* Units (weight, speed, length, temperature, etc.)
## Account Management
The account management allows to create, modify and delete accounts. Accounts can get assigned to groups and individual permissions. It's easy to see which groups and permissions one account is assigned to. Every account has a numeric ID larger 0.
### Account Type
Accounts can have the following types:
* Person
* Organization
This allows organizations to have an account and also normal users. It's also possible to assign an account to an organization which allows for permission management in one organization.
The use case for this could be one customer account for a company and user accounts assigned to the company which each have different permissions within the company. The purchase department of a company e.g. could be able to see their orders while only the financial department of that company is allowed to see the accounts payable of their company.
### Account Status
Accounts can have the following status:
* Active (login possible)
* Inactive (login not possible)
* Banned (login not possible)
* Timeout (login possible in x-minutes)
The status doesn't represent account activity it's only purpose is to allow or disallow the login to the application. Only active accounts can login to the application. It is often necessary to create accounts in the system for interaction but disallow them to login to the system, this can be achieved by simply assigning the inactive status.
## Group Management
The group management allows to create, modify and delete groups. Groups can get assigned to other groups which lets the group inherit permissions from the other groups. It is also possible to assign individual permissions to a group. In the group accounts can be added and it's easy to see which accounts are part of the group.
Groups have a numeric ID larger 0. Every module has its own permission/group range. Modules can pre-define groups upon installation for easier use, every module can have up to 99,999 groups AND permissions.
## Module Management
The module management allows to install, update, delete and configure modules. The configuration of every module can be different depending on the functionality of the module.
Modules can be installed either manually by uploading the module directly to the `Modules/` directory or via online installation. The online installation requires the php module `curl`.
In the module you can see which groups have permissions belonging to the module, which permissions are available for the module and what their effect is.
# Recommendation
Other modules that work great with this one together are:
* [Job](Job)
* [Monitoring](Monitoring)
* [Backup](Backup)

93
Docs/Help/de/settings.md Normal file
View File

@ -0,0 +1,93 @@
# Settings
## Genral
In the admin module under `General` the global settings can be set.
### Security
In the security section it's possible to define and modify the global security settings. These settings will be used for every user.
![General Settings](Modules/Admin/Docs/Help/img/general/settings_security.png)
#### Password Regex
In this field the password structure can be defined that is required by every account. Examples are:
##### Password Example 1
At least 8 characters including at least one numeric value, one lower letter, one upper letter, one special char
```^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&;:\(\)\[\]=\{\}\+\-])[.]{8,}```
##### Password Example 2
At least 8 characters including at least one numeric value, one upper letter, one special char
```^(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&;:\(\)\[\]=\{\}\+\-])[.]{8,}```
##### Password Example 3
At least 8 characters including at least one numeric value, one special char
```^(?=.*\d)(?=.*[$@$!%*?&;:\(\)\[\]=\{\}\+\-])[.]{8,}```
##### Password Example 4
At least 8 characters including at least one special char
```^(?=.*[$@$!%*?&;:\(\)\[\]=\{\}\+\-])[.]{8,}```
##### Password Example 5
At least 8 characters
```^[.]{8,}```
##### Password Example 6
At least 12 characters
```^[.]{12,}```
#### Login Retries
In this field the amount of retries can be defined until the user login receives a timeout. During this timeout period no login is possible even if the correct password is entered. Infinite amount of retries can be activated by setting the value to `-1`
**Recommended:** `3 times`
#### Timeout Period
In this field the timeout period after inputting a incorrect password too often can be specified. During this period the user cannot login even if the password is correct.
**Recommended:** `30 minutes`
#### Password Change Interval
In this field the interval in days can be set in which the password must be changed. If passwords don't have to be changed set the value to `-1`
**Recommended:** `90 days`
#### Password History
In this field the relevant password history can be defined. If a password change interval is defined the new password has to be different from the last `x` passwords
**Recommended:** `3 last passwords`
### Logging
In the logging section the logging settings can be defined. These settings don't include audit logs as they cannot be changed in order to prevent data manipulation.
**Recommended:** `active and default path`
![General Settings](Modules/Admin/Docs/Help/img/general/settings_logging.png)
## Localization
In the localization tab it's possible to define the default localization settings. Be aware that users may have localization settings different from the default settings. These localization settings are only important to provide a fallback if the user localization settings are not working.
![Localization Settings](Modules/Admin/Docs/Help/img/general/settings_localization.png)
### Defaults
In the defaults field you can select a default localization configuration which you can adjust afterwards.