Users
The Users page lists every account on the platform and is where administrators create, invite, edit, and delete users. It lives at /users.
The user model is intentionally small. There are two boolean attributes that control access:
- Admin: grants administrative privileges. Only admins can create, invite, edit, or delete users.
- Enabled: controls whether the account can access the platform. Disabling a user blocks access but keeps all associated data intact, so the account can be re-enabled later.
There are no other named roles or permission tiers at the user level. Everything finer-grained lives on hosts and resources; see Permissions and access control.
Users list
Section titled âUsers listâThe list is a searchable, sortable, paginated table.
- Columns: Name (with avatar), Admin, and Last update.
- Search: filters by name or email.
- Sort: by Last update (default), Name, or Admin.
- Actions: the per-row delete action and the Create User / Invite User buttons are visible only to admins.
Non-admins can view the list but cannot add or remove accounts.
Creating a user
Section titled âCreating a userâAdmins open the create form from the Create User button (/users/create). Non-admins are redirected back to the list.
Creating a user sets the password immediately, so the account is usable right away. The form fields are:
- Email (up to 64 characters)
- Name
- Avatar (optional image, PNG, JPG, WEBP, or GIF, max 5 MB)
- Admin checkbox
- Enabled checkbox
- Password and Confirm password (at least 10 characters)
Inviting a user
Section titled âInviting a userâAdmins can instead invite a user from the Invite User button (/users/invite). With an invite, the administrator does not set a password. The system emails the new user a link to set their own.
The invite form is shorter than the create form:
- Name
- Admin checkbox
On submit, the server creates the account (enabled, with a random throwaway password) and sends a password-setup email. The user becomes active once they follow the link and choose a password.
sequenceDiagram
participant Admin
participant Server
participant Invitee
Admin->>Server: Submit invite (email, name, admin)
Server->>Server: Create account (enabled, random password)
Server->>Invitee: Send password-setup email
Invitee->>Server: Open link, set password
Server->>Invitee: Redirect to login
Create vs invite
Section titled âCreate vs inviteâ| Create | Invite | |
|---|---|---|
| Password | Admin sets it now | User sets it via email link |
| Avatar field | Yes | No |
| Enabled field | Yes (toggle) | Always enabled |
| Ready to log in | Immediately | After accepting the invite |
Accepting an invitation
Section titled âAccepting an invitationâThe invitation email links to /accept-invitation/<token>, a page that does not require an existing session. The invitee enters a new password (and confirms it), at least 10 characters. After it is saved, they are sent to the login page to sign in.
User details
Section titled âUser detailsâSelecting a user opens their detail page at /user/<id>. Editing requires admin privileges. Non-admins see the page in read-only form.
The page has two sections:
- Profile: email (read-only here), email visibility, name, avatar, the Admin toggle (only an admin can change it), and the Enabled toggle (admin only).
- Delete: removes the account after typing the userâs name to confirm. This action is irreversible.
You cannot delete your own account from the listâs row action.