Closed ij-cope closed 5 years ago
@ij-cope Good point, sounds reasonable to me. Just need to make sure we clarify who the essential staff are.
Yes, so much so that I listed this as an issue in June 2017 as #299. Given that management of user access was delegated down to the admin users and not just with me I had hoped that someone who was familiar with all the users was actually managing their access.
Essential staff - now that data collection is over would be, according to my view
Tim, thanks to schedule this for our next call.
Once my account is up and running again, if Carl could assign me admin right, I could tackle access management
Thanks
Have (re)emailed password to Ina for her new account.
Staff management can be done via https://cope.nds.ox.ac.uk/en-gb/wp4/staff/
After further consideration, removing staff access should be done by marking their account inactive. Another option would be to reset their password and thus lock the user out of their account. We don't want to remove their roles as this may break data linkages for analysis.
At present, the function to inactivate accounts is presently only available to myself, however I will see if this can be added to the Staff Management screen for the upcoming update.
Added the Active flag to the Staff app, and a link to the change password form, as these are trivial changes. Adding an admin only link to the "force password change" isn't trivial though, so will park that idea for now as superfluous.
Upon release of this build (0.9.3) you admins will be able to deactivate user accounts which will stop them from logging in, but not disturb the data links.
@ij-cope @bolandt76 - Staff Deactivation is now live with the 0.9.3 release. To disable a user account for someone who no longer needs access, visit Staff Admin - https://cope.nds.ox.ac.uk/en-gb/wp4/staff/ - and then edit the user; deselect the "Is Active" checkbox, and then save. That user will then be unable to log into the system until their account is reactivated.
I'll leave you to close this issue once you've updated all the relevant user records.
As discussed at WP4 call on 02/05/2019 all users except the ones below have been disabled
Essential users that need to keep access for now:
Hi @marshalc, @ldaviesnds, and @bolandt76
in preparation of Carl signing over, it would be important for the sake of data integrity etc to revoke access of non essential staff to the database if not already done so.
Carl, Lucy, Tim, what are your thoughts on this?