Nearly all products will need to allow the user to set permissions on who else can use the product. This requirement can be split into two: managing users and setting permissions. This section deals with user management, the next section with permission management.
Within your application, different users will probably have different roles. For example, in the sample application, there are two roles: administrators who can do anything and users who have more limited rights.
Each role needs to be represented by a user group. Use the User Group type to create a user group, and keep the user groups in your advanced settings folder. Set the Manage user group option to Automatically manage the user group, to ensure that the user group is created when the product is installed, and deleted when the product is uninstalled. See Gadget users for an example.
Create a binding in your top-level product folder for each of your user groups, so that you can reference them in the permission setup.
Use the Role User Group Maintainer type to create a screen to assign users to roles. Make the role maintainer available to the product users, for example by putting it immediately under the main folder. See User roles for an example of how to connect the role maintainer to the user groups and the options that it requires.
The user groups and role maintainer both have initialization code. The user groups should be initialized first. Use an initialization list to enforce the order of initialization (see Product instance – general configuration).