Manage Users
Manage Users lets you create new Aqualus Water staff accounts, update their details, reset their passwords, delete them, and view the permissions that come with their assigned role. Access is restricted to users whose role grants user-management privileges.
The page lists every active user with the columns Username, Surname, First Name, Email Address, Phone, Domain Username, Role, and an Operations menu. The Role column shows the role the user is assigned to. If the user has not been assigned a role, or has had their permissions adjusted away from a role's template, the column reads Custom Permissions.
Adding a new user
Click + Add User at the top right of the page to open the Add User dialog. Enter the user's surname, first name, username, email address, and phone number. If your organisation uses Active Directory or SSO, enter the matching Domain Username. Choose a role from the Role dropdown. The dropdown lists every role defined in Manage Roles, default and custom.
Click Add to create the account. Aqualus Water sends the user an email with their username and a temporary password, and prompts them to set a new password the first time they sign in. Click Clear to reset the form fields without saving, or Back to close the dialog without creating the user.
If your organisation uses SSO and the role you assigned has an SSO group mapping, the welcome email is suppressed and the user signs in via the identity provider.
Updating an existing user
Click Operations next to the user's row, then choose one of the following.
EDIT User opens a dialog with the user's surname, first name, email, phone, domain username, and role. Update any of these fields and click Edit to save, or Back to discard. Changing a user's role takes effect immediately and replaces all of their existing permissions with the permissions defined by the new role.
DELETE User removes the user from Aqualus Water after a confirmation prompt. Deleted users are hidden from the list and cannot sign in. The underlying record is retained for audit purposes.
RESET User clears the user's password and sends them an email with a new temporary password. Use this when a user is locked out or has forgotten their password. Reset is rejected if the user signs in via SSO; password resets for SSO users must be done in the identity provider.
VIEW Permissions opens a read-only table showing the access level the user holds for each of the 20 permission areas. The table is populated from the role assigned to the user. To change what a user can do, either assign them a different role on the EDIT User dialog, or update the role definition under Manage Roles, which updates every user assigned to that role.
The legacy operation Modify roles, which let you set permission levels individually per user, has been removed. Use Manage Roles to define a role with the right combination of permissions, then assign that role to the user.