From d41e59dc1af1880e96a8f13b7efdcc9746aa36d8 Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Thu, 19 Jun 2014 10:42:00 +0100 Subject: Move Administrator Privileges to Admin Manual Administrator Privileges section has nothing to do with installing, so moved it to the Admin Manual. --- docs/running/admin_manual.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'docs/running/admin_manual.md') diff --git a/docs/running/admin_manual.md b/docs/running/admin_manual.md index bd3a44855..1e749f845 100644 --- a/docs/running/admin_manual.md +++ b/docs/running/admin_manual.md @@ -297,5 +297,24 @@ hanging the application altogether), so please: * Restrict your use of them to cases that can't otherwise be easily covered. * Keep them as simple and specific as possible. +## Administrator privileges +The administrative interface is at the URL `/admin`. +Only users with the `super` admin level can access the admin interface. Users +create their own accounts in the usual way, and then administrators can give +them `super` privileges. + +There is an emergency user account which can be accessed via +`/admin?emergency=1`, using the credentials `ADMIN_USERNAME` and +`ADMIN_PASSWORD`, which are set in `general.yml`. To bootstrap the +first `super` level accounts, you will need to log in as the emergency +user. You can disable the emergency user account by setting `DISABLE_EMERGENCY_USER` to `true` in `general.yml`. + +Users with the superuser role also have extra privileges in the website +front end, such as being able to categorise any request, being able to view +items that have been hidden from the search, and being presented with "admin" +links next to individual requests and comments in the front end. + +It is possible completely to override the administrator authentication by +setting `SKIP_ADMIN_AUTH` to `true` in `general.yml`. -- cgit v1.2.3