EarthBrain user management

This can become a bit confusing.

  • ForestBrain user management is part of a separate package named EarthBrain.
  • EarthBrain users are also MODX users, but with some extended fields.
  • We can distinguish 2 kinds of users: administrative and technical.

Administrative users

We have the following administrative user types:

Guardians

Guardians are always the owners of the connected data. They're not necessarily the ones managing the data, but it probably describes their land, nursery, seeds, etc.

A guardian can be attached to a:

  • Forest
  • Seed
  • Source

Internally, Guardians are called Persons. A person is also a MODX user, which is referenced by the person_id field.

Stewards

Stewards are the administrators of the connected data. They are referenced by the createdby field (pointing to the corresponding MODX user) or the admin field inside templates.

Sometimes guardians will manage their own data, meaning they're also the steward.

Members

Since ForestBrain is intended to be used only by organizations, each ForestBrain user will also be a member of the organization under which they signed up. In MODX, this means the user is part of the respective User Group.

Note: there is also a usergroup for members who didn't register directly, but were created by another member while adding data.

Technical users

Technically, everyone is a MODX user. The default modx_users table is extended with data from the earthbrain_people table.

IMPORTANT: this means that the user needs to use the earthPerson class_key (instead of modUser). This is applied when the user is auto-generated, but you need to do this manually when adding a new user or changing an existing user.

There is also a bug in MODX, which resets the class_key to modUser when you edit the user inline, in the CMP. So don't edit users inline!

This might become problematic if we're going to attach other applications to the database (like Directus), but otherwise we lose the built-in MODX permissions system. Which is complicated, but quite useful in this case.

Permissions

Some elements are tied to a specific user. This means that in grids, only the items created by that user will appear.

Currently, this is the case with:

  • All seeds
  • Private sources

MODX administrators with sudo permissions can still see all items.