Sign in Subscribe

User Management

Last updated on 

User management is a key component of ensuring your Ourchive site remains secure. On Ourchive, users can register, comment, upload images and audio, and post text. That's a lot of potential for botheration. This article reviews how to view user data, configure permissions, and handle notifications and user reports.

User Permissions

User permissions control whether users can upload files and whether or not they are staff. A staff user can log into the admin site.

💡
Staff users are trusted users and they can break things! Don't make someone staff unless you're comfortable with them being a moderator/admin on your site. 

Access the user management console at https://your-ourchive-url.com/admin/core/user/.

The user list view

From the user list view, you can perform the following bulk operations:

  • Delete users: Default Django functionality, deletes selected users and all associated data (such as works and bookmarks)
  • Allow selected users to upload audio: allows users to upload audio files associated with work chapters.
  • Allow selected users to upload images: allows users to upload work, chapter, collection, and user profile images.
  • Allow selected users to upload preferred export files: allows users to upload their own preferred work exports [tk link to functionality].
  • Allow selected users to upload all files: allows users to upload all files, regardless of feature or file type.
💡
Be very careful with file upload permissions. File upload is a risk for abuse, including distribution of illegal material. As a general rule of thumb, users with multimedia permissions should be people you trust, or you should have a robust content moderation team monitoring uploads.

Registration & Invitations

As described in Settings[tk], you can enable or disable site registration, and you can require invitations for users to be able to register. If you choose to require invitations, you will need to approve them. (The option for automated invite generation and sending is a 1.0 roadmap item.) You can access invitations at https://your-ourchive-url.com/admin/core/invitation/:

The invitation list view

From the list view, you can mass approve or delete invite requests. You can also view who has used their token. If a token is used, another invite will not be sent to the user.

By default, invites are emailed to the user. If you choose not to configure email [tk], you will need to manually email the link to the user. You can find this link by clicking on the ID of the user from the list view, and copying their 'Register link':

The register link within the user view

When they click this link, their account will be set up.

Reporting

Occasionally, users will need to report behavior that violates your archive rules. When a user is reported, staff users are notified via email. Reports are accessible in the admin view at https://your-ourchive-url.com/admin/core/userreport/:

The user report list view

Mods can mass-resolve reports via the list view. This is useful in the case of a mass-reporting scenario. Usually, however, a mod will enter an individual report record and resolve it with a mod note:

The individual user report edit screen

Note that mods can change all fields on this form. That is because the Django admin interface assumes anyone using the admin site is a trusted user. Admins should be trained not to modify sensitive fields.

Ourchive is a small-scale archive. This means that moderation is expected to be primarily external to the website. In this case, a mod might contact imp and tell her to stop reporting impbot3000, and to block her instead. The mod would then add a note indicating they'd contacted imp and resolve the report.

Rules will vary per Ourchive installation, so report reasons are configurable at https://your-ourchive-url.com/admin/core/userreportreason/:

The report reason list view

You can add as many reasons as you want, but keep in mind that all reasons will display when the user makes a report. For this reason, we recommend succinct, general reasons such as 'Harassment', 'Disallowed Content', and 'Hate Speech'.

Announcements

If you have short pieces of information to communicate to your users, such as scheduled downtime, you can communicate this information using admin announcements. Admin announcements are shown at the very top of the site's view:

Ourchive homepage showing an announcement.

You can manage announcements at https://your-ourchive-url.com/admin/core/adminannouncement:

The admin announcement list view

Within the admin announcement edit view, you can set a create and expiration date to only show the admin announcement during certain periods of time. You can also mark the admin announcement active or inactive; inactive admin announcements stay in the database, but users don't see them upon arriving to the website.

Admin announcements support basic HTML, such as embedding a link (syntax: <a href='https://google.com'>My Link</a>).

💡
When a user dismisses an announcement, we set a cookie not to show it again. Cookies expire after a couple weeks. We recommend using announcements for time-bound communication and always marking inactive or setting an expiration date when the time for this announcement has passed.