These components allow lists of users and user groups to be managed and used, for example to select users or manage permissions.
User lists
The User List type can be used to create a list of users, user groups and other user lists, which are listed in the User list field.
The User list field can specify users, user groups or user lists:
- Directly, by node.
- Indirectly, by dynamic binding.
- By a combination of binding and field.
When using bindings, use the Inbound Link Change Propagator to inform the user list of changes in the bound node.
User selectors
The User Selector is a specialisation of a user list which allows a set of users to be selected from a Select users from list, and this then used to create an output user list.
The Owning User Subgroup type is similar to User Selector type. It specifies an owning user group in the first item of the Select users from list, and then provides access to the actions of the underlying user group. This provides a convenient way of defining and managing a selection of users.
If a user selector selects from a user group node with a list of users, it selects the users from the user group node.
User list manifests
The User List Manifest type combines a standard permissions manifest with a User list, and then grants use manifest permissions to all the users and user groups in the user list. This can be used to manage permissions simply by managing user groups and user lists. The Derive User List Manifest Permissions field provides the necessary functionality, and can be incorporated into other types to achieve declaration-based permissions.
If a user list manifest lists a user group node with a user list, it sets permissions for the user group not the individual users.
The User Group Permissions Manifest is an extension of User List Manifest which also allows user group permission to be set using user group nodes and permission references. It scans the permission type references for user group permissions, and where it finds them, looks up the related node to see if it has a User group reference field, and where it does, sets the user group permissions to match the use manifest permissions. The Derive User List User Group Permissions field provides the necessary functionality, and can be incorporated into other types.
The following user group permission types are supported:
- For owning user groups:
- administer-owning-user-group
- sign-on-as
- own-users
- grant-to-usergroup
- For normal user groups:
- administer-usergroup
- grant-to-usergroup
Derive User List User Group Permissions generates a Permission manifest member to represent the required user group permissions. Node types using Derive User List User Group Permissions should ensure that context.refreshManifestPermissions() is called, for example by including Derive User List Manifest Permissions after it.