rattail-manual/docs/features/people/users/index.rst


Users
=====

Users are a bit unique in the realm of Person-related data, because
it's often the case that they are *not* imported from some other
system, being instead maintained only in Rattail.  (Of course it *is*
still possible to import User records from another system.)

When you first setup a Rattail system you create the first "admin"
User.  You then login as that User and can create other Users as
needed, depending on who needs access.  For more info see also
:doc:`/data/auth`.

It's possible to tie a User record to a Person record, although
technically not required.  It is recommended since it opens up other
possibilities, for instance the app might present different features
based on some other related aspects e.g. of the Employee record of the
current User.

It's also common to create dedicated User accounts to represent the
other systems involved, e.g. your POS.  Such accounts do not tie back
to any Person and exist only for sake of attributing changes to the
applicable system, when data is imported to Rattail.

The username for each User must be unique.  Passwords are stored using
1-way encryption, so are not recoverable and must be reset if lost.

It is possible to authenticate users against something other than
Rattail, instead of or in addition to normal Rattail authentication.
For instance it can check LDAP, or a corresponding employee table in
your POS DB (e.g. if those credentials are stored as plain text).

It is also possible for Rattail to auto-create users upon first login,
if authenticating from another system like that.  If your permissions
are setup such that *any* "authenticated" (i.e. logged in) user has
access to certain features, this may be a useful option for you.  In
some cases you may also need to add logic to auto-assign the
newly-created user to some particular role(s) based on whatever...
Add more docs for Feature Layer not complete, but progress.. 2022-03-20 13:57:06 -05:00
			`Users`
			`=====`

			`Users are a bit unique in the realm of Person-related data, because`
			`it's often the case that they are not imported from some other`
			`system, being instead maintained only in Rattail. (Of course it is`
			`still possible to import User records from another system.)`

			`When you first setup a Rattail system you create the first "admin"`
			`User. You then login as that User and can create other Users as`
			`needed, depending on who needs access. For more info see also`
			:doc:`/data/auth`.

			`It's possible to tie a User record to a Person record, although`
			`technically not required. It is recommended since it opens up other`
			`possibilities, for instance the app might present different features`
			`based on some other related aspects e.g. of the Employee record of the`
			`current User.`

			`It's also common to create dedicated User accounts to represent the`
			`other systems involved, e.g. your POS. Such accounts do not tie back`
			`to any Person and exist only for sake of attributing changes to the`
			`applicable system, when data is imported to Rattail.`

			`The username for each User must be unique. Passwords are stored using`
			`1-way encryption, so are not recoverable and must be reset if lost.`

			`It is possible to authenticate users against something other than`
			`Rattail, instead of or in addition to normal Rattail authentication.`
			`For instance it can check LDAP, or a corresponding employee table in`
			`your POS DB (e.g. if those credentials are stored as plain text).`

			`It is also possible for Rattail to auto-create users upon first login,`
			`if authenticating from another system like that. If your permissions`
			`are setup such that any "authenticated" (i.e. logged in) user has`
			`access to certain features, this may be a useful option for you. In`
			`some cases you may also need to add logic to auto-assign the`
			`newly-created user to some particular role(s) based on whatever...`