Kavi Help CenterKavi® Members Help
| Chapter 17. User Types | ||
|---|---|---|
 |
Part I. Kavi Members Concepts and General Instructions | 
|
Table of Contents
User Types are used to classify users and may also confer roles that grant access to protected areas of the web site. User Type functions as an attribute that can be used to retrieve all users to whom it has been assigned through searches and reports tools such as the User Data Report.
User Types can be assigned to users to by geographic region, market sector, area of interest, etc.
User Types assigned through Individual Membership Types usually convey the 'member' role that grants access to the Members area. Roles that confer high-level access are usually assigned through User Types, since these types are assigned selectively. Highly privileged User Types may convey administrative or editorial roles that grant access to Admin areas or Kavi® Edit tools used to manage Web site pages and content.
This document assumes you are familiar with the concepts introduced in Purpose, Roles, Types and Membership Types.
User Types are similar to Contact Types because both these types are assigned to users, rather than companies. The difference is that User Types define a user's relationship to the organization, rather than to a company. Company Admin and Contact Types are associated with roles that provide administrative access to Company areas and data, whereas User Types are associated with roles that provide access to data at a global, site-wide level.
Unlike Contact Types, the only auto-assigned User Types are types assigned through Individual Memberships. These usually convey the 'member' role and access to the Members area.
User Types that convey privileged administrative or editor roles are assigned to users manually through Admin Area tools such as Manage a User. User Types assigned to staff and administrators usually provide higher-level access than access inherited through their company's Company Types.
This document assumes you are familiar with Roles, Types and>.
User Types are used to classify individual members, nonmembers, staff and administrators. They may convey roles that grant access to the Members Area, Admin Area, Super Admin Area or Kavi Edit tools. If the organization allows nonmembers to login, these users need to be assigned a User Type associated with the 'member' role, so they have access to Members tools that allow them to login and manage their personal account data.
User Types can be assigned automatically through membership or nonmember signup. Administrators assign more privileged types manually through such tools as Add a User, Edit a User or Upload Data.
Every organization that offers memberships for individuals must have a set of custom types that correspond to their Individual Membership Types and are automatically assigned through membership. Depending on the membership structure, there may be a one-to-one correspondence between these types (so that every Individul Membership Type has a single corresponding User Type), or a single User Type may correspond to multiple Individual Membership Types or several User Types may be assigned through a single Individual Membership Type. It is important that the User Types provide meaningful labels for use in searches.
Once the corresponding User Type(s) exist, a Super Admin adds an Individual Membership Type and associates it with the appropriate User Type(s) so it is automatically assigned to an individual when that type of membership is acquired.
User Types assigned through Individual Membership Types are usually associated with roles that confer basic access privileges, such as the default 'member' role that grants access to Member areas of the site. They may also be associated with roles that grant access to areas of the site reserved for use by members of that type, such as a 'board' role assigned through a 'Board' User Type when an individual acquires a Board membership.
These User Types usually confer high-level editorial or administrative access. Administrators selectively assign these types to users as necessary.
User Types can be used to model other classification systems in use within the organization that are not directly based on membership. This may include generic types used to group nonmembers (e.g., 'nonmember'), geographic region, market sector or any other classification that is meaningful to the organization.
Kavi Members provides several highly privileged default User Types including 'Organization Admin', which is assigned to an individual in charge of the Web site. It confers the 'org_admin' role that provides access to all areas of the Web site including Kavi Members and other Kavi application's Admin and Reports tools. It provides access to members-only areas of the site and the ability to manage the Kavi Members database.
For a complete list of default types, see the Default User Types table.
To view all available User Types, use the Manage User Types tool.
Kavi Members installs a few highly privileged User Types by default, including 'Organization Admin, 'Organization Editor' and 'Report Admin'. These types are associated with the 'org_admin,' 'Editor' and 'report_admin' roles, respectively.
Even though these are default types and cannot be deleted, they can be edited with the Edit a User Type tool.
The most basic example of custom-defined user types is a set of User Types designed to be granted through membership for organizations that offer memberships to individuals. These types are generally named after the membership types to which they correspond (e.g., 'Supporting', 'Sponsor', 'Academic', etc.), which allows users holding these types of memberships to be retrieved by the corresponding User Type. This kind of User Type is usually associated with roles conferring general access to the Members area (i.e., 'member') and custom roles conferring access privileges to areas used specifically by this type of member (e.g., 'board').
Another kind of custom-defined User Type is defined without any associated roles or access permissions solely for the purpose of grouping users according to type, such as User Types representing geographic regions or other user classes of interest to the organization. Once defined and assigned to users, these types can be used in searches and to apply business logic to specific groups of users.
A User Type cannot be deleted if it is in use. If you wish to remove a custom-defined type and the Delete tool link is not displayed, this indicates the type is in use and it will be necessary to use the User Data Report to get a report of users who have been assigned this type, then use the Edit a User tool to remove this type from each user's record.
Custom types can be added as required and deleted if no longer needed. To add a custom User Type, use the Add a User Type tool.
User Types are the only type that can be safely used to convey roles that grant high-level access permissions. The only restriction on these types is that they should not convey 'company' or 'contact' roles that are most appropriately conveyed through Contact Types. Like other privileged types, it's best if they convey only the privileges required by the position they are designed for, and no more.
Back to topIf you are adding a type to be assigned to users when they acquire an individual membership, here are some best practices hints. Every organization's membership structure is unique, so these hints aren't universally applicable.
These types belong in the category 'General (only through membership)'.
Many User Types assigned through membership correspond 1-to-1 to an Individual Membership Type, but this isn't applicable to all membership structures. Some organizations assign multiple User Types through a single membership type, and others assign a single User Type through multiple membership types.
Create whatever types make the most sense for your organization's membership structure. For example, if there are multiple types at the same level that have only slight differences, the same User Type might be appropriate for all. If your memberships grant different privileges to the same member type depending on some other variable, such as region, you might have one User Type assigned to all these members, then create a set of User Types, one for each of the regions. Users with this type of membership would be assigned two types, one that is assigned to everyone with this type of membership and a second type assigned only to members in their region.
Since User Types are displayed in pulldown lists for searches and reports, the name of the type should mirror the name of the membership type or be otherwise meaningful so that it will be instantly recognizable. If the type provides any access, this should be included in the description.
At least one of the User Types assigned through membership should be associated with the 'member' role to grant access to the Members area. If there are custom areas that this type of member needs to be able to access, associate the role that controls this area as well.
The level of access provided by roles associated with User Types can vary from 'super_admin', which grants complete access to the organization's Web site, to finer-grained roles such as 'report_admin', which grants permission to the Reports Area at the Admin level. User Types may also need to convey custom roles that provide access to custom tools or areas of the site used by administrators or editors.
Privileged users often "wear more than one hat," fulfilling multiple administrative or editorial positions in connection with the organization's Web site, and must be assigned whatever combination of User Types is necessary to acquire the roles and access privileges they need to meet their obligations.
These types are usually created to be assigned to individuals who hold certain positions in the organization and to provide them with the access they need to fulfill their responsibilities.
The name should imply the kind of access that is being conferred by including terms such as 'admin' or 'editor'. The use of terms specific to Contact Types should be avoided, so don't use 'company' or 'contact' in your name. The description can provide a fuller account of the kind of access being conferred.
This kind of User Type can be used to convey highly privileged roles, since they will be assigned manually by administrators. The 'super_admin' role is the only role that probably shouldn't be assigned through any custom type.
These types don't convey roles unless the organization allows nonmembers to sign up and login. If so, Kavi Members manages these registered, authenticated nonmembers almost like members. They need to be assigned to a company with the Purpose of 'Nonmembers' so they can be managed effectively in Kavi Members.
If your organization tracks nonmembers without allowing them to login, the same general requirements apply but User Types created to classify these individuals should not confer the 'member' role.
Your organization may classify individuals by attributes that are independent of membership, such as geographic region. In this example, a set of User Types would be created to correspond with the organization's regions. Unless there are protected areas of the site used exclusively by individuals from a certain region, no roles would be associated with these types.
The organization may classify individuals independently of membership, even if it doesn't track nonmembers. The most common use case of this kind of classification is geographic region.
Organizations that allow nonmembers to sign up and login require User Types that classify registered individuals and confer the 'member' role.
The name should be succinct and follow the organization's classification system. Since access is rarely provided through these types, the type description should explicitly include any access provided by these types.
If a User Type is to be assigned to nonmembers who need Members Area access, it must be associated with the 'member' role and any other custom roles required to provide basic access to the site. Otherwise types used for classification seldom need associated roles.
|
|
 |
|
| Chapter 16. Contact Types |  |
Chapter 18. How to Manage Access |