[{"data":1,"prerenderedAt":148},["ShallowReactive",2],{"guide:zh:admin/granting-access":3},{"id":4,"title":5,"body":6,"description":140,"extension":141,"meta":142,"navigation":143,"path":144,"seo":145,"stem":146,"__hash__":147},"guide_zh/zh/user/admin/granting-access.md","授予与管理用户访问权限",{"type":7,"value":8,"toc":133},"minimark",[9,13,17,32,35,39,47,67,95,98,109,112,116,119,122],[10,11,12],"h1",{"id":12},"访问",[14,15,16],"p",{},"访问应用程序通常遵循以下两种流程之一：",[18,19,20,29],"ol",{},[21,22,23,24,28],"li",{},"用户通过\"注册\"链接（",[25,26,27],"code",{},"/auth/signup","）申请访问应用程序",[21,30,31],{},"用户由管理员邀请加入应用程序",[14,33,34],{},"在两种可能的流程中，可能出现申请已提交而账户已存在的情况。这种情况无害，可通过删除多余申请轻松解决。",[36,37,38],"h2",{"id":38},"申请访问权限",[14,40,41,42],{},"当用户访问您的应用时，可通过登录链接选择注册。",[43,44,46],"a",{"href":45},"./granting-access/sign-up.png","注册",[14,48,49,50,53,54,57,58,61,62,66],{},"填写简短表格将生成申请，任何在 ",[25,51,52],{},"admin/access-requests"," 页面中拥有 ",[25,55,56],{},"CreateUser"," 或 ",[25,59,60],{},"DeleteUser"," 权限的人员均可处理该申请。",[43,63,65],{"href":64},"./granting-access/access-requests.png","管理员访问申请","此处有几点值得注意：",[68,69,70,73,76,79,89,92],"ul",{},[21,71,72],{},"仅接受来自有效域名的申请（参见身份验证中的\"允许域名\"）；超出有效域名的申请将无声失败，因此您允许的域名将保持私密。",[21,74,75],{},"每个电子邮件地址仅可发起一次申请",[21,77,78],{},"重新提交时申请者的消息将被替换",[21,80,81,82,85,86],{},"被拒绝的申请也会被删除。查看已删除申请需管理员权限 ",[25,83,84],{},"viewDeleted","，恢复申请则需管理员权限 ",[25,87,88],{},"createAccessRequest",[21,90,91],{},"批准申请将创建账户、生成安全随机密码，并向用户发送验证邮件。验证成功后用户需重置密码",[21,93,94],{},"启用 SSO 需用户账户已存在。SSO 配置信息关联于用户档案，除验证使用权限外所有细节均隐藏。用户登录后可触发关联账户的 SSO 流程。权限管理通过应用程序内部实现，而非第三方 OAuth 提供商。",[36,96,97],{"id":97},"授予访问权限",[14,99,100,101,103,104,108],{},"拥有 ",[25,102,56],{}," 管理权限的用户可通过",[105,106,107],"strong",{},"管理 → 用户","菜单直接创建账户。对于批量操作，可在\"添加用户\"面板右上角获取 .csv 模板。创建账户时系统会自动设置随机安全密码，并发送验证请求。用户需在账户创建后重置密码。",[14,110,111],{},"虽然可以在允许的域名之外创建账户，但这不支持设置密码，也不允许自动验证电子邮件地址或电话号码。",[36,113,115],{"id":114},"sso","SSO",[14,117,118],{},"在默认设置下，用户需要先创建账户。返回登录页面时，将显示\"添加 SSO\"的提示信息（该选项需管理员先行启用，详见\"身份验证\"中的\"自定义管理员设置\"）。通过 SSO 进行第二次登录时，系统将自动将 SSO 设置关联至用户账户。",[14,120,121],{},"或者，如果应用程序设置中启用了\"允许注册\"功能，用户可直接通过 SSO 注册。该功能会自动创建账户并生成随机安全密码，只要启用了\"用户名/密码\"登录选项，该密码即可重置并使用。",[14,123,124,125,128,129,132],{},"任何拥有 ",[25,126,127],{},"UserUpdate"," 管理权限的用户均可通过 ",[25,130,131],{},"./admin/users"," 页面从用户个人资料中移除 SSO 设置。",{"title":134,"searchDepth":135,"depth":135,"links":136},"",2,[137,138,139],{"id":38,"depth":135,"text":38},{"id":97,"depth":135,"text":97},{"id":114,"depth":135,"text":115},"用户如何申请访问权限，管理员如何邀请和审批用户，以及 SSO 账户如何关联。","md",{},true,"/zh/user/admin/granting-access",{"title":5,"description":140},"zh/user/admin/granting-access","CZ0z1tbqex3XEpcFfnO16m7tHDyewxXAWoWZeJvuLBQ",1780539282031]