# Managing Users

Users are managed in the workstation application. They can be added by another user appropriate permissions or they can signup themselves.

<figure><img src="https://content.gitbook.com/content/smUfVXsKTmRL1jr9Y1Tr/blobs/CJhLQVaSgQf3Une7otNf/Screenshot%202024-04-05%20at%2013.05.19.png" alt=""><figcaption><p>Sample users view</p></figcaption></figure>

## User's Permissions

A user authorization model is based on permissions. The permissions are divided into logical groups.

### Administration

| Permisson          | Description                              |
| ------------------ | ---------------------------------------- |
| Update license     | Allows to change a license.              |
| Edit users         | Allows to create, edit and delete users. |
| Delete application | Allows to delete applications data.      |
| View server info   | Allows to view the server info page      |
| View users         | Allows to view other users               |
| View license       | Allows to view the server license        |

### Agents

| Permission              | Description                                 |
| ----------------------- | ------------------------------------------- |
| View agents             | Allows to view currently connected agents.  |
| Query agents            | Allows to send queries to agents directly.  |
| Switch agent's features | Allows to enable/disable agents's features. |

### Configuration

| Permission            | Description                                   |
| --------------------- | --------------------------------------------- |
| View profiles         | Allows to view profiles and profiles' details |
| Assign applications   | Allows to assign applications to profiles     |
| Edit profiles         | Allows to create, edit and delete profiles    |
| Edit profiles state   | Allows to deploy/undeploy profiles            |
| Edit license mappings | Allows to edit the license mappings           |
| Manage extensions     | Allows to add and delete agents extensions.   |
| Edit data masking     | Allows to edit data masking entries           |
| Edit filters          | Allows to edit filters                        |

### Data Access

| Permission      | Description                        |
| --------------- | ---------------------------------- |
| View parameters | Allows to view methods' parameters |

## Hiding Applications

If you do not want a user to see data from particular applications, you can do this by banning the applications for that specific user. In order to edit the banned applications list click the <mark style="color:blue;">`Banned applications`</mark> tab.

<figure><img src="https://content.gitbook.com/content/smUfVXsKTmRL1jr9Y1Tr/blobs/TYJI3TKchvzfBCCTmpPx/Screenshot%202024-04-05%20at%2013.06.59.png" alt=""><figcaption><p>Banned applications view</p></figcaption></figure>

Next, press the Edit button to make changes to the list.

<figure><img src="https://content.gitbook.com/content/smUfVXsKTmRL1jr9Y1Tr/blobs/r3liWfPCR98ILXR4T2Fp/Screenshot%202024-04-05%20at%2013.06.11.png" alt=""><figcaption><p>Edit banned applications form</p></figcaption></figure>

Then select the application and press the <mark style="color:blue;">`Add`</mark> button. Finally, press the <mark style="color:blue;">`Save`</mark> button to save the list.

## Password Recovery

If there is another user who is able to access the server via the workstation application, your password can be reset by this user, provided that they have appropriate permissions to do so. If there is no such user, you must login to the machine the server runs on and reset your access using the command below:

```shell-session
$ flopsar-server users --reset <username> <server_home>
```

This operation will set the password to `flopsar` and also grant the specified user all the permissions.