Segregation of users

The Adminapp can be configured such that different administrator users manage different sets of users. How sets of users are specified depends on the capabilities of the underlying User Persister plugin.

0. The segregation of users is configured as follows:
1. In the Config Editor, go to:
   Adminapp >> Users >> section Advanced Settings >> property Admin Role Specific Settings

The list of admin-role-specific settings allows for defining a separate user data source depending on the administrator's roles. Based on the role of an administrator, the configured properties are used whenever an administrator interacts with users.
It is, for example, possible to configure the user persister configuration.

The following configuration excerpt illustrates the implementation of user segregation.

• All users are stored in a database table medusa_user and each row contains a field bizzunit specifying whether a user belongs to the business unit Europe or America.
• The configuration defines the administrator role useradmin, useradminAM, and the useradminEU and maps the latter two to the corresponding user persister settings.
• The configuration of the Database User Persister plugin then assures that administrator with role useradminEU can only manage users of business unit Europe whereas administrators with role useradminAM can only manage users of business unit America.
• Administrators with role useradmin can manage all users (even users that have another or no business unit).

• Internal links:
• User-group dependent settings