Users

Users are the individual accounts users of LemonEdge use to login to the system. Users must belong to at least one Team (for permissions) and at least one Role (for the functionality they can use and customisations).

User Features

Each individual who wants to use the system is assigned a unique user to login with. This user hold a unique email login and the method in which they can log into the system. It also holds current role and team that user is working in the system with.

You can not share user accounts. When a user logins it creates a new session that will automatically kick anyone out who is currently logged in using the same user credentials elsewhere.

You can perform the following functions against a user:

  • Reset their password
  • Force logins to always occur through windows domain authentication - requires no password
  • Update the email that is used for automated notifications from the system and the type of notification the system uses
  • Suspend a user which prevents them from being able to login again
  • Lock a user to only being able to run in a particular sandbox

By providing a windows domain for authenticated login you can ensure that no passwords are required to login and the user is automatically authenticated from the user they are running under in windows. This means you own IT policy can also set the users password policy.

If you are using standard login name and password for the user to login it is worth knowing that all passwords are encrypted using salt-hashes in the database.

All activity that ever happens in the system is fully audited. As part of all audit trails, the user who made the modification is linked to. This way you can always identify what was changed, and by whom. The audit includes all the following data:

  • All insert, updates, and deletes of all entities in the system. This includes custom entities, and entities created through our API. Any and all data is fully audited
  • The date/time the change occurred and who made the change
    • The date/time stamp will be the same as other records if they were all saved in one transaction.
  • All changes to permissions - as this is just another entity with data anyway
  • All login attempts both successful and failed.
  • All executions of queries. 

The logging of execution of queries provides you with an excellent method of getting stats on queries you create and to look for areas of improvement.


Default User

There is one default user created for every system. When you initially connect LemonEdge to a blank database (either through a direct connection from a client application or through a service) the system will create the LemonEdge system from scratch and create an admin user as follows:

username: root@lemontreesoftware.com 
password: !ltroot

This user is linked to the account as the default admin user for this account [see account maintenance for more info]. In other words whenever the system upgrades, or reset system roles is performed, it is this user that is always given access to the default teams (Admin and Standard User) and default roles (Admin and Standard User). 

This user will always have full admin permissions and access. Even if you mess up permissions in some way, this user will always be restored with correct full access so you can fix anything from this user account.

You should always immediately change the password of this user on first access. You can also look at making a different user the default admin, or suspending this user account and only using it in emergencies to make sure no-one has full access by default.


Views

Users can be managed using the following views: