|
|
@@ -98,11 +98,41 @@ Similarly, group administrators can revoke the permissions of other group admini
|
|
|
|
|
|
Note that, when removing group administrator status of a user, the user will still be a member of the group, though no longer an administrator.
|
|
|
As such, the result of the previous two commands will leave *user1* as a group member, even though that might not have been the case before.
|
|
|
+A *group_kick* automatically removes group administrator permissions as well.
|
|
|
|
|
|
+All users can create new groups, of which they automatically become the group administrator::
|
|
|
+
|
|
|
+ >>> group_add("group2)
|
|
|
|
|
|
-Users can also create new groups, of
|
|
|
+Similarly, groups can be removed by the group owner.
|
|
|
+This not only removes the group, but also kicks all users and thereby revokes all permissions originally given by that group::
|
|
|
+
|
|
|
+ >>> group_delete("group2")
|
|
|
+
|
|
|
+User management
|
|
|
+---------------
|
|
|
+
|
|
|
+Users can manage the basics of their accounts.
|
|
|
+This includes changing their username.
|
|
|
+In this case, only the name is altered, and all permissions remain unaltered.
|
|
|
+This is because only the name changes, and not the internal representation of that user.
|
|
|
+For example, to change the username of *user1* to *user_1*::
|
|
|
+
|
|
|
+ >>> user_name("user1", "user_1")
|
|
|
+
|
|
|
+Similarly, users can alter their password::
|
|
|
+
|
|
|
+ >>> user_password("user_1", "new_password")
|
|
|
+
|
|
|
+In both cases, all currently active sessions remain active, but future logins need to use the new credentials.
|
|
|
|
|
|
Administrators
|
|
|
--------------
|
|
|
|
|
|
-Explain use of administrators and what they can do.
|
|
|
+Finally, there is still the notion of an administrator in the Modelverse.
|
|
|
+Administrators are basically like the root users on UNIX systems: independent of permissions, they are allowed to perform any operation they want.
|
|
|
+As such, they are implicitly owner of each model, administrator of all groups, and have full permissions for user management.
|
|
|
+The Modelverse is initialized with one administrator user, but administrators can create (promote) new administrators, or revoke their administrator permissions (demote)::
|
|
|
+
|
|
|
+ >>> admin_promote("user1")
|
|
|
+ >>> admin_demote("user1")
|
