TeamAdmin: User Exit Strategies
This page explains how to remove users from a team.
The page is divided into two sections:
Exit Strategies
Team members can easily be archived or their access can be limited by setting their valid until date in eLabFTW. However, when a user is part of multiple teams, the situation may be more complicated.
The flowchart below aims to assist Team Admins in understanding their options:
1. Archiving of Users and Entries
If a person is only a member of one team, they can be archived by a Team Admin. If desired, their associated entries can also be locked and archived. This method ensures a clean separation but is only suitable if the person exclusively belongs to one team. If the person is active in multiple teams, archiving them would also archive them in the other teams, which is generally not desired.
2. Adjusting Rights for Visibility and Write Permissions
Another exit strategy involves explicitly setting the visibility and write permissions of entries for the team that will be left. In order for the entries to remain visible to the team even after the person's departure, the corresponding rights for all entries must be adjusted. This can be done by an admin as a collective action through the Admin Panel. This way, access to experiments and other entries for the team remains available without the person still being part of the team.
3. Transferring Ownership or Duplicating Entries
Another option is to transfer ownership of entries to another person in the team. Alternatively, relevant entries can be duplicated before removing the person from the team. Once a person has been removed from the team, their entries are no longer visible to that team, leading to uncertainty about who originally owned those entries. To avoid this, the name of the original creators can be included in the title of the entry or added as a tag to make data origin more visible.
4. Limiting Visibility of Entries
Instead of removing a person from the team, they can remain in it while their entry visibility is restricted. Through rights management, it can be determined that only the original owner and admins have access to specific entries. This prevents the individual who is leaving from accessing information that is not relevant to them while still remaining part of the team. Team Admins may also lock items, ensuring they are in read-only mode.
General aspects Considered by the Points Above
There are various methods to remove a user from a team: (1) archive, (2) delete, (3) removal from team by System Admin.
- Deleting is only possible when the user does not own any entries. This action deletes the user from all teams.
- Archiving a user archives them in all teams.
- Setting the 'valid until' date for a user sets this date for all teams they are a member of.
- Removing the user from the team makes their entries inaccessible to others (including (System-)Admins) unless other Users, Teams, or Groups are explicitly added in the permission settings. This may be reversed by adding them back to the team.
- The User settings include a setting, in which a User can choose to view experiments, regardless of which team they are currently logged in to. This setting also allows them to access entries created in teams from which they have been removed, if they are still able to log in to the ELN from another team. They will not be able to edit them if the entries have been locked by an admin.
As of version 5.3, it is also possible to archive users in specific teams rather than the whole instance.
