How to Use Account Ranks
1 General Consideration
Account ranks allow users to perform various administrative actions on the application and connected resources.
The account rank is recorded as an integer in the table users.
An administrator cannot act on other accounts having a higher or equal rank.
In some cases it is possible to act on your own account when using administration endpoints.
An administrator cannot assign to other users an account rank higher than their own account rank. In order to raise
the maximum account rank for your application you have to act directly on the database. By default,
the Super Administrator (admin100k) has an account rank with value 100.000.
2 Default Super Administrator Account
The application creates a default Super Administrator account admin100k having account rank 100.000.
Because all account rank values required in order to perform administrative actions are well below
100.000, the Super Administrator has the ability to perform the administration of the entire application.
The password of the Super Administrator is by default the same as the account "email", admin100k.
The password must be changed before the application goes into production. You may also want to
change the default Super Administrator email.
You can use the settings database -> admin100k_email
and database -> admin100k_password
to change the email and/or the password of the Super Administrator.
Once the database entries are created for a certain Super Administrator email, it is impossible
to change the password by altering the settings.
However, you may use the settings to change both the email and the password of the Super Administrator.
The email must be an email which is not present in the database.
When the application is running you can use the endpoint PUT /password to change only the password, as usual.
The email of the Super Administrator cannot be changed when using application endpoints.
CAUTION: When changing the default Super Administrator email, any previous Super Administrator accounts
are NOT deleted.
For example, if you started the application using the default settings, the default Super Administrator
account email admin100k is created. If you later decide to change the default Super Administrator account
email to email@example.com and restart the application using fresh settings, then the application creates
a Super Administrator account for email email@example.com (if this primary email is not taken). At the same
time the application does NOT delete the account admin100k. It is up to you to delete (or modify) this account
by directly acting on the database because Super Administrators cannot be deleted using application endpoints.
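The following audit is an added example, not code from the application: it lists every account at Super Administrator rank or above and marks those that do not match the configured email, so that leftover accounts such as admin100k can be found and removed. The column names email and account_rank, and the in-memory SQLite database standing in for the real one, are assumptions; only the table name users and the integer rank come from this page.

```python
import sqlite3

SUPER_ADMIN_RANK = 100_000   # written "100.000" on this page
DEFAULT_EMAIL = "admin100k"  # default Super Administrator email from this page


def audit_super_admins(conn, configured_email):
    """Return (email, rank, finding) for each account at Super Administrator rank or above.

    Assumed schema: users(email, account_rank). Adjust the names to the real table.
    """
    rows = conn.execute(
        "SELECT email, account_rank FROM users "
        "WHERE account_rank >= ? ORDER BY email",
        (SUPER_ADMIN_RANK,),
    ).fetchall()
    findings = []
    for email, rank in rows:
        if email == configured_email:
            finding = "configured"      # matches database -> admin100k_email
        elif email == DEFAULT_EMAIL:
            finding = "stale-default"   # default account left behind
        else:
            finding = "stale"           # earlier Super Administrator, not deleted
        findings.append((email, rank, finding))
    return findings


def build_sample_db():
    """Constructed sample data: schema and rows are illustrative only."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (email TEXT PRIMARY KEY, account_rank INTEGER NOT NULL)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?)", [
        ("admin100k", 100_000),          # created on first start with default settings
        ("email@example.com", 100_000),  # created after the setting was changed
        ("editor@example.com", 1_000),
        ("dba@example.com", 10_000),
    ])
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    for email, rank, finding in audit_super_admins(db, "email@example.com"):
        print(f"{finding:14} rank={rank:<7} {email}")
```

Any row not marked "configured" is an account that application endpoints cannot delete and that has to be handled directly in the database.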
IMPORTANT:
Do not confuse the setting database -> admin100k_email
with the setting database -> remote -> user
(the user used to access a remote database).
Do not confuse the setting database -> admin100k_password
with the setting database -> remote -> password
(the password used to access a remote database).
3 Account Rank Levels
Various administrative actions require a minimum account rank in order to run, as listed below:
- account rank 100 - the minimum account rank required in order to run any administrative action
- account rank 1.000 - the minimum account rank required for editors of articles, editors of FAQs, among others
- account rank 10.000 - the minimum account rank for high level administrative actions including database maintenance, database transfer, database backup, administration of application settings, among others
If applicable and if exceeding the default minimum value, the documentation of the application indicates the minimum account rank required for an administrator in order to perform a certain action.