Manage User Access
Configure user accounts, roles, and permissions for system access control.
Time required: 10-15 minutes per user
Module: base, openeducat_core
User role: System Administrator
Prerequisites
Steps
Step 1: Navigate to Users
- Go to Settings -> Users & Companies -> Users
- Click Create to add new user
Step 3: Set User Type
| Type | Description | Use Case |
|---|
| Internal User | Full system access | Staff, Faculty |
| Portal User | Limited self-service | Students, Parents |
| Public User | No login required | Website visitors |
Step 4: Assign Access Rights
In the Access Rights tab:
| Application | Access Level |
|---|
| OpenEduCat | Admin / Manager / User |
| Contacts | Create / Edit / View |
| Calendar | All / Own |
| Discuss | User |
| Role | Description | Permissions |
|---|
| Admin | Full control | All operations |
| Manager | Department head | Create, Edit, View |
| User | Standard user | View, Limited edit |
| Faculty | Teaching staff | Subject-related |
| Student | Enrolled student | Own records |
Step 6: Set Multi-Company Access
If multiple institutions:
| Setting | Description |
|---|
| Allowed Companies | Can access |
| Default Company | Initial login |
| Inter-company | Cross-company access |
| Setting | Description |
|---|
| Enable 2FA | Require second factor |
| Method | TOTP app, Email, SMS |
| Enforce | Mandatory for role |
Step 8: Save User
Click Save to create the user account.
OpenEduCat User Roles
Academic Roles
| Role | Access | Typical Users |
|---|
| Academic Admin | All academic | Registrar |
| Exam Controller | Examinations | Exam office |
| Faculty | Teaching | Teachers |
| Student | Own records | Students |
Administrative Roles
| Role | Access | Typical Users |
|---|
| System Admin | Full access | IT Admin |
| HR Admin | Staff records | HR team |
| Finance Admin | Fees, payments | Accounts |
| Library Admin | Library ops | Librarian |
Bulk User Creation
For multiple users:
- Prepare CSV with columns:
- Go to Action -> Import
- Map fields and import
Password Management
| Action | Description |
|---|
| Set Password | Admin sets password |
| Send Invitation | User sets own password |
| Reset Password | Send reset link |
| Force Change | Require change on login |
Security Policies
| Policy | Setting |
|---|
| Min Password Length | 8 characters |
| Require Complexity | Upper, lower, number |
| Password Expiry | 90 days |
| Lock After Failures | 5 attempts |
Field Reference
User (res.users)
| Technical Field | UI Label | Type | Notes |
|---|
name | Name | Char | Full name |
login | Login | Char | Username/email |
email | Email | Char | Email address |
groups_id | Groups | Many2many | Access rights |
active | Active | Boolean | Account status |
Access Groups
| Technical Field | UI Label | Type | Notes |
|---|
name | Name | Char | Group name |
category_id | Category | Many2one | App category |
implied_ids | Inherits | Many2many | Parent groups |
users | Users | Many2many | Group members |
Troubleshooting
User cannot login
- Verify account is Active
- Check password is set
- Confirm login email is correct
- Review account lock status
Check user has appropriate access groups assigned.
Permission denied errors
Review access rights and group assignments for the specific model.
Related: Manage Portal | Configure Email
