User Role and User Management

I am interested in creating a User Role that allows users at the country-level of the organization to add/modify/delete users in their country. I have given this User Role the following permissions:

  • Metadata: User: Add/Update Public
  • Apps: Users app
  • System: Add/remove members in read-only user groups, Add/Update User Group Managing Relationships, Add/Update User within Managed Group, Replicate User, Send Email, View User, View User Group Managing Relationships.

When a user assigned to this role logs in, they can view users, and edit them, but there are no roles showing under Available Roles and Selected Roles. Without assigning a role, they cannot create a new user.

Thank you for your advice, and again I will put in a plug for some more detail in the documentation and some sample user roles or metadata templates that will make this process easier, with the minimum authorities that are needed for the basic roles that most organizations generally need.

1 Like

@Mike_Johnson
What version of DHIS2 are you using?
I tried to replicate this on 2.30, and it seems there is some sort of dependency or constraint.
Like the “user admin” cannot create a new user with higher authorities than the “user admin” has.
Also, can you make sure your userroles are shared accordingly or can be accessed by these new user admins.

Cheers,
Emma

1 Like

Hi Emma, Thanks for looking into this for me!
We are using Version: 2.30, Build revision: 17b47a2, Build date: 2019-02-05.
I checked the user roles and they are set to Public Access, anyone can find, edit, and view metadata for those roles.
I have tried to give access to the User Role metadata to this user admin role, and this did give the user permission to edit the role, but not permission to create a new user and assign them to any role.
Is this a use case that other organizations have, to give some users administration rights over other users, but not superuser authority?

1 Like