specs/models/M_USER
User
A user is a digital object representing a person that has any access right to the Tulip system. There are two types of users:
- Users- Users with some level of access to Tulip
- Operators- Users with access to the Tulip Player for running Tulip apps
The User Model contains the following Models:
When actions are completed in Tulip or Tulip Player, they are always attributed to an individual User.
Tulip Users can authenticate via the following methods:
- LDAP
- SAML
- Email/Password
- Badge ID (Tulip Player only)
See the Authentication Methods page for more details
Once a user is created, it is permanently stored in the Tulip account. It can be “deactivated” so that the user is no longer allowed to log into Tulip or the Tulip Player.
If a user is “deactivated”, then another user can use their badge ID.
Fields
| Name | Description |
|---|---|
| Name | The name defined by the user |
| User ID | The unique identifier of the user. This value is often mapped to an organization's auth system. |
| The email address given by the user. Required for login. | |
| Password | The password given by the user. Required for logging into Tulip. This value is often mapped to an organization's auth system. |
| Badge ID | A unique alphanumeric ID assigned by a Tulip user with user “create” privileges. |
| Role | A specific role from the list of User Roles |
| User Fields | A list of custom fields that are given to every user by a user with access to the “User Fields” page |
| Status | The user’s status around logging into Tulip- either active, deactivated or pending |
| Image | A custom image that will be displayed as a headshot |
| Phone Number | A phone number that can be texted from a Tulip app. A user can only enter their own phone number. |
| Language | By default, Tulip will attempt to use the same language as the browser default. The user can manually set this to another language. |
Tests
| ID | Name |
|---|---|
| QA-T4 | User Management : 01 - Create new administrator account |
| QA-T5 | User Management : 02 - Receive welcome e-mail and registration link |
| QA-T10 | User Management : 04 - Log in with new admin |
| QA-T11 | User Management : 05 / Cannot Create an Admin with an empty or used Email |
| QA-T12 | User Management : 06 - Add phone number to admin account |
| QA-T13 | User Management : 07 - Upload image/gif for Admin icon on /account |
| QA-T16 | User Management : 08 - Create new operator account |
| QA-T120 | Group-Restricted LDAP : 02 - Users in the configured admin group can log in |
| QA-T121 | Group-Restricted LDAP : 03 - Users operator group can log in |
| QA-T122 | Group-Restricted LDAP : 04 / Admins should not be able to create Users |
| QA-T123 | Group-Restricted LDAP : 05 - Deactivated users should still be able to log in |
| QA-T171 | SAML : 02 - Admins can log in to Factory using SAML |
| QA-T172 | SAML : 04 - Operators can log into Player using SAML |
| QA-T260 | User Roles : 01 - Account Owners can add other Account Owners |
| QA-T261 | User Roles : 03 - Account Owners can edit other users' profiles |
| QA-T262 | User Roles : 02.1 - Account Owners can create new Account Owners |
| QA-T263 | User Roles : 04 - Account Owners should be able to deactivate/reactivate users |
| QA-T264 | User Roles : 05 / Administrators should not be able to manage users |
| QA-T265 | User Roles : 06 / Tulip Table Supervisors should not be able to manage connectors |
| QA-T266 | User Roles : 07 / Tulip Table Supervisors should not be able to manage the shop floor |
| QA-T267 | User Roles : 08.1 / Viewers should be unable to run Apps or edit/modify Apps, Dashboards, and Analytics |
| QA-T279 | User Management : 10 - Users can change their password |
| QA-T331 | LDAP Tulip Managed : 01 - Creating Users |
| QA-T332 | LDAP Tulip Managed : 02 - Users can log in via LDAP |
| QA-T333 | LDAP Tulip Managed : 03 - Deactivated Users can't Log In |
| QA-T387 | User Management : 11 - User Deactivation |
| QA-T636 | Workspaces : 01 - Login with different roles |
| QA-T653 | LDAP Tulip Managed : 01 / Creating a User with the same name |
| QA-T655 | LDAP Tulip Managed : 02 / Operators can't log into Factory via LDAP |
| QA-T660 | User Management : 03 / Password Creation for New Admin with wrong input |
| QA-T661 | User Management : 06 / Try to add phone number with a false Verification Code |
| QA-T663 | User Management : 08 / Trying to create New Operator Account without entering a name/with a Badge ID in use |
| QA-T692 | User Management : 03 - Password Creation for New Admin |
| QA-T693 | User Management : 03.2 - Onboarding sequence |
| QA-T708 | User Roles : 05 - Administrator role |
| QA-T749 | Workspaces : 10 / - Failing to create a new user with email registered in another workspace |
| QA-T750 | Workspaces : 11 / - Failing to run an app from another workspace |
| QA-T751 | Workspaces : 12 / - Workspace owner cannot access other workspaces |
| QA-T804 | User Management : 12 - User Permission after Reactivation |
| QA-T880 | User Roles : 02.2 - Account Owners can create users other than Account Owners |
| QA-T1141 | User roles : 09.1 - Operator role |
| QA-T1145 | User roles : 09.2 - Inviting Operator users |
| QA-T1146 | User roles : 09.3 / Operators can't log in to Factory or register a Player |
| QA-T1153 | User Roles : 17.1 - Viewer (with Player Access) role - Settings |
| QA-T1159 | User Roles : 17.2 - Viewer (with Player Access) role - Player, Dashboards, Apps, Analytics |
| QA-T1160 | User Roles : 17.4 - Viewer (with Player Access) role - Machines, Machine Types, Data Sources, Vision |
| QA-T1161 | User Roles : 17.3 - Viewer (with Player Access) role - Tables, Connectors, Stations, Display Devices |
| QA-T1162 | User Roles : 11.1 - Connector Supervisor role - Settings |
| QA-T1163 | User Roles : 11.2 - Connector Supervisor role - Player, Dashboards, Apps, Analytics |
| QA-T1164 | User Roles : 11.3 - Connector Supervisor role - Tables, Connectors, Stations, Display Devices |
| QA-T1165 | User Roles : 11.4 - Connector Supervisor role - Machines, Machine Types, Data Sources, Vision |
| QA-T1166 | User Roles : 12.1 - Tulip Table Supervisor role - Settings |
| QA-T1167 | User Roles : 12.2 - Tulip Table Supervisor role - Player, Dashboards, Apps, Analytics |
| QA-T1168 | User Roles : 12.3 - Tulip Table Supervisor role - Tables, Connectors, Stations, Display Devices |
| QA-T1172 | User Roles : 12.4 - Tulip Table Supervisor role - Machines, Machine Types, Data Sources, Vision |
| QA-T1182 | User Roles : 13.1 - Station Operator role - Settings |
| QA-T1183 | User Roles : 13.2 - Station Operator role - Player, Dashboards, Apps, Analytics |
| QA-T1184 | User Roles : 13.3 - Station Operator role - Tables, Connectors, Stations, Display Devices |
| QA-T1185 | User Roles : 13.4 - Station Operator role - Machines, Machine Types, Data Sources, Vision |
| QA-T1197 | User Roles : 14.1 - Station Supervisor role - Settings |
| QA-T1198 | User Roles : 14.2 - Station Supervisor role - Player, Dashboards, Apps, Analytics |
| QA-T1199 | User Roles : 14.3 - Station Supervisor role - Tables, Connectors, Stations, Display Devices |
| QA-T1200 | User Roles : 14.4 - Station Supervisor role - Machines, Machine Types, Data Sources, Vision |
| QA-T1201 | User Roles : 15.1 - Administrator role - Settings |
| QA-T1202 | User Roles : 15.2 - Administrator role - Player, Dashboards, Apps, Analytics |
| QA-T1203 | User Roles : 15.3 - Administrator role - Tables, Connectors, Stations, Display Devices |
| QA-T1204 | User Roles : 15.4 - Administrator role - Machines, Machine Types, Data Sources, Vision |
| QA-T1205 | User Roles : 16.1 - Application Approver role - Settings |
| QA-T1206 | User Roles : 16.2 - Application Approver role - Player, Dashboards, Apps, Analytics |
| QA-T1207 | User Roles : 16.3 - Application Approver role - Tables, Connectors, Stations, Display Devices |
| QA-T1208 | User Roles : 16.4 - Application Approver role - Machines, Machine Types, Data Sources, Vision |
| QA-T1209 | User Management: 15 / Login Attempt Rate Limiting |
| QA-T1212 | User Management: 17 - Account owner can register player |
| QA-T1214 | SAML : 07 - Roles from SAML Attributes Overwrite Tulip Roles with IdP Control Mode |
| QA-T1216 | User Roles : 10.1 - Application Builder role - Settings |
| QA-T1217 | User Roles : 10.2 - Application Builder role - Player, Dashboards, Apps, Analytics |
| QA-T1219 | User Roles : 10.3 - Application Builder role - Tables, Connectors, Stations, Display Devices |
| QA-T1220 | User Roles : 10.4 - Application Builder role - Machines, Machine Types, Data Sources, Vision |
| QA-T1222 | User Roles : 08.2 / Viewers should be unable to create, edit, or modify Tables |
| QA-T1223 | User Roles : 08.3 / Viewers should be unable to create, edit, or modify Connectors and Connector Functions |
| QA-T1224 | User Roles : 08.4 / Viewers should be unable to create, edit, or modify Stations |
| QA-T1225 | User Roles : 08.5 / Viewers should be unable to create, edit, or modify Display Devices |
| QA-T1226 | User Roles : 08.6 / Viewers should be unable to create, edit, or modify Machines |
| QA-T1227 | User Roles : 08.7 / Viewers should be unable to create, edit, or modify Machine Types |
| QA-T1228 | User Roles : 08.8 / Viewers should be unable to create, edit, or modify Machine Data Sources |
| QA-T1229 | User Roles : 08.10 / Viewers should not be able to access Vision |
| QA-T1230 | User Roles : 08.9 / Viewers should be unable to update Edge Devices |
| QA-T1231 | User Roles : 08.11 / Viewers cannot register Players |
| QA-T1232 | User Roles : 18.1 - Application Engineer role - Settings |
| QA-T1234 | User Roles : 18.3 - Application Engineer role - Tables, Connectors, Stations, Display Devices |
| QA-T1235 | User Roles : 18.4 - Application Engineer role - Machines, Machine Types, Data Sources, Vision |
| QA-T1236 | User Roles : 19.2 - Workspace Owner role - Player, Dashboards, Apps, Analytics |
| QA-T1237 | User Roles : 19.3 - Workspace Owner role - Tables, Connectors, Stations, Display Devices |
| QA-T1238 | User Roles : 19.4 - Workspace Owner role - Machines, Machine Types, Data Sources, Vision |
| QA-T1241 | User Roles : 19.1 - Workspace Owner role - Settings |
| QA-T1255 | Misc Tests - Logged In User is displayed when logged into Factory and Player |
| QA-T1277 | Duplicate roles |
| QA-T1279 | Can assign custom roles |
| QA-T1285 | Can archive roles |
| QA-T1288 | Can bulk-assign roles |
| QA-T1289 | User Roles : 24 - Roles page is available even with the customUserRoles FF off |
Requirements
| ID | Requirement |
|---|---|
| PLAT-8885 (813) | All data shall be Attributable; data must be identified to the person who did the data collection. Records shall include information about how the data was acquired, action/activity performed, where and and when. |
| PLAT-8899 (43) | All user maintenance activities shall be recorded. |