User Management Module

The User Management module allows you to manage users, roles, and permissions in your Nexora installation. This guide covers all user management features.

---

Table of Contents

1. Overview
2. Accessing User Management
3. User List
4. Creating Users
5. Editing Users
6. User Roles
7. Permissions Management
8. Bulk Operations
9. User Teams/Workspaces
10. User Activity

---

Overview

Features

• ✅ Create and manage user accounts
• ✅ Role-based access control (RBAC)
• ✅ Permission management
• ✅ User teams/workspaces
• ✅ User activity tracking
• ✅ Bulk user operations
• ✅ User profile management
• ✅ Password management

Admin Routes

• User List: /admin/users
• Create User: /admin/users/create
• Edit User: /admin/users/{id}/edit
• Roles: /admin/roles

Permissions

• View Users: view users permission
• Create Users: create users permission
• Edit Users: edit users permission
• Delete Users: delete users permission
• Manage Roles: manage roles & permissions permission

---

Accessing User Management

From Admin Panel

1. Log in to admin panel
2. Navigate to Core → Users
3. Or go directly to: /admin/users

User Management Sections

• Users: User list and management
• Roles: Role management
• Permissions: Permission assignments

---

User List

Viewing Users

Access at: /admin/users

List Features

Search

• Search by name, email, username
• Real-time search results
• Filters as you type

Filters

• Role: Filter by user role
• Status: Active/Inactive
• Date: Registration date range
• Team: Filter by team/workspace

Sorting

• By Name (A-Z, Z-A)
• By Email
• By Registration Date
• By Last Login

Display Options

• Items per page (10, 25, 50, 100)
• Grid or list view
• Column visibility

User Information Displayed

• Name: User's full name
• Email: Email address
• Role: Assigned role(s)
• Status: Active/Inactive
• Last Login: Last login timestamp
• Registered: Registration date

---

Creating Users

Step 1: Access Create Page

1. Go to Users → Create New User
2. Or navigate to: /admin/users/create

Step 2: Basic Information

First Name

• User's first name
• Required field
• Example: John

Last Name

• User's last name
• Required field
• Example: Doe

Email Address

• Required: Must be unique
• Used for login
• Used for notifications
• Format: user@example.com

Username (Optional)

• Alternative login identifier
• Must be unique if provided
• Alphanumeric and underscores only

Step 3: Password

Set Password

• Minimum: 8 characters
• Recommended: 12+ characters
• Include:
  • Uppercase letters
  • Lowercase letters
  • Numbers
  • Special characters

Password Options

• Set Password: Enter password manually
• Generate Password: Auto-generate strong password
• Send Password Reset: User sets password via email

Step 4: Role Assignment

Select Role

• Choose from available roles
• Can assign multiple roles
• Primary role determines main permissions

Available Roles

• Admin: Full system access
• Editor: Content management
• Author: Content creation
• Contributor: Limited content creation
• Subscriber: Basic access
• Custom Roles: User-defined roles

Step 5: Additional Settings

Status

• Active: User can log in
• Inactive: Account disabled

Email Verification

• Verified: Email confirmed
• Unverified: Requires verification

Two-Factor Authentication

• Enable 2FA for user
• Requires setup by user

Step 6: Team/Workspace Assignment

Assign to Team

• Select team/workspace
• User gains team permissions
• Access to team resources

Step 7: Save User

• Create User: Save and create account
• Create & Add Another: Save and create another
• Create & Edit: Save and continue editing

---

Editing Users

Accessing Edit Page

1. Go to user list
2. Click Edit on user
3. Or navigate to: /admin/users/{id}/edit

Editable Information

Personal Information

• First Name
• Last Name
• Email (with verification)
• Username
• Phone Number
• Address

Account Settings

• Change Password:
  • Enter new password
  • Confirm password
  • Save changes

Role Management

• Change Roles:
  • Add roles
  • Remove roles
  • Set primary role

Status Management

• Activate/Deactivate:
  • Toggle user status
  • Inactive users cannot log in

Team Assignment

• Change Team:
  • Assign to different team
  • Remove from team
  • Change team role

Updating Own Profile

Users can update their own profile:

• Access at: /admin/users/update-own
• Can change:
  • Name
  • Email
  • Password
  • Profile picture
  • Personal preferences

---

User Roles

Accessing Roles

1. Go to Users → Roles
2. Or navigate to: /admin/roles

Role Management

Creating a Role

1. Click Create New Role
2. Enter:
   • Name: Role name (e.g., "Content Manager")
   • Slug: URL-friendly version (auto-generated)
   • Description: Role description
3. Click Save

Role Features

• Clone Role: Duplicate existing role
• Bulk Assign: Assign role to multiple users
• Statistics: View role usage stats

Default Roles

Administrator

• Full system access
• All permissions
• Can manage everything

Editor

• Content management
• Can publish content
• Can manage media
• Limited settings access

Author

• Create and edit own content
• Cannot publish (requires approval)
• Limited media access

Contributor

• Create content
• Cannot publish
• Very limited access

Subscriber

• Basic access
• View content
• Comment on posts

Custom Roles

Create roles with specific permissions:

1. Create role
2. Assign permissions
3. Assign to users

---

Permissions Management

Understanding Permissions

Permissions control what users can do:

• View: Can see content
• Create: Can create new content
• Edit: Can modify content
• Delete: Can remove content
• Manage: Full control over module

Permission Structure

Module Permissions

• view posts - View blog posts
• create posts - Create posts
• edit posts - Edit posts
• delete posts - Delete posts
• manage posts - Full post management

System Permissions

• access admin panel - Access admin area
• manage settings - Change settings
• manage users - User management
• manage roles & permissions - Role management

Assigning Permissions

To Role

1. Go to Roles → Edit role
2. Scroll to Permissions
3. Check permissions to grant
4. Uncheck to revoke
5. Click Save

To User

1. Edit user
2. Go to Permissions section
3. Assign permissions directly
4. User-specific permissions override role permissions

Permission Hierarchy

1. User-Specific: Highest priority
2. Role Permissions: Default permissions
3. Module Defaults: Base permissions

---

Bulk Operations

Bulk Actions Available

Bulk Delete

1. Select multiple users (checkboxes)
2. Click Bulk Actions dropdown
3. Select Delete
4. Confirm deletion
5. All selected users are deleted

Warning: Cannot be undone. Users' content may be affected.

Bulk Role Assignment

1. Select users
2. Click Bulk Actions
3. Select Assign Role
4. Choose role
5. All selected users get role

Bulk Status Change

1. Select users
2. Click Bulk Actions
3. Select Change Status
4. Choose Active/Inactive
5. All selected users updated

Selecting Users

• Select All: Checkbox in header
• Select Page: Select all on current page
• Individual: Check individual users

---

User Teams/Workspaces

Overview

Teams allow grouping users for:

• Collaborative projects
• Resource sharing
• Team-specific permissions
• Organization structure

Team Management

Creating Teams

1. Go to Users → Teams
2. Click Create Team
3. Enter:
   • Team name
   • Description
   • Team settings
4. Click Save

Assigning Users to Teams

1. Edit user
2. Go to Teams section
3. Select team(s)
4. Choose team role:
   • Owner: Full team control
   • Admin: Team management
   • Member: Basic team access
5. Save

Team Features

• Shared Resources: Team members share access
• Team Projects: Collaborative projects
• Team Permissions: Team-specific access
• Team Communication: Team messaging

---

User Activity

Activity Tracking

System tracks:

• Login/logout times
• Content created/edited
• Settings changed
• Actions performed

Viewing Activity

1. Go to user profile
2. Click Activity tab
3. View:
   • Recent actions
   • Login history
   • Content changes
   • System events

Activity Log

Admin can view all user activity:

• Access at: Activity log (if available)
• Filter by user, date, action
• Export activity reports

---

Password Management

Resetting Passwords

Admin Reset

1. Edit user
2. Go to Password section
3. Enter new password
4. Confirm password
5. Save

User Self-Reset

1. User clicks "Forgot Password"
2. Receives reset email
3. Clicks reset link
4. Sets new password

Password Requirements

• Minimum: 8 characters
• Recommended: 12+ characters
• Complexity: Mix of letters, numbers, symbols
• History: Cannot reuse recent passwords (if enabled)

Password Security

• Passwords are encrypted
• Never stored in plain text
• Reset links expire
• Failed login attempts tracked

---

Best Practices

User Creation

1. Verify Email:

   • Use valid email addresses
   • Verify email ownership
   • Keep emails updated

2. Assign Appropriate Roles:

   • Follow principle of least privilege
   • Only grant necessary permissions
   • Review role assignments regularly

3. Set Strong Passwords:

   • Enforce password policy
   • Encourage password managers
   • Enable 2FA when possible

Role Management

1. Create Specific Roles:

   • Define clear role purposes
   • Assign relevant permissions
   • Document role responsibilities

2. Regular Audits:

   • Review user roles periodically
   • Remove unnecessary permissions
   • Update roles as needed

3. Use Teams:

   • Organize users into teams
   • Simplify permission management
   • Improve collaboration

Security

1. Monitor Activity:

   • Review login logs
   • Check for suspicious activity
   • Investigate anomalies

2. Regular Cleanup:

   • Remove inactive users
   • Deactivate unused accounts
   • Archive old accounts

3. Access Control:

   • Limit admin access
   • Use role-based permissions
   • Review permissions regularly

---

Troubleshooting

User Cannot Log In

Solutions:

1. Check user status (must be Active)
2. Verify email is correct
3. Check password reset
4. Verify email verification status
5. Check for account lockout

Permission Issues

Solutions:

1. Verify role permissions
2. Check user-specific permissions
3. Clear permission cache
4. Reassign role if needed

Email Not Sending

Solutions:

1. Check email settings
2. Verify SMTP configuration
3. Check spam folder
4. Test email functionality

---

Related Documentation

• Roles & Permissions
• Security Best Practices
• Email Settings

---

Last Updated: [Date will be updated during final review]