# Users, roles

{% hint style="warning" %}
This whole section has been significantly revamped in OLab4.7

We are no longer using the Entrada framework. We temporarily used an external LMS e.g. moodle.olab.ca in OLab 4.5 and OLab 4.6, but this has not proved popular.&#x20;

We have reverted to internal user management in OLab 4.7, using our System Management Tool.&#x20;
{% endhint %}

This is for **advanced** level users only. Do not mess with this if you do not know what you are doing. &#x20;

## System Management Tool (SMT)

You can access the SMT for the OLab cloud service here: [https://smt.olab4.net](https://smt.olab4.net/)&#x20;

### User Management

Login to the SMT and then click on the USERS tab.&#x20;

<figure><img src="/files/6fjo4s0rwgPM2oWnYTCw" alt=""><figcaption></figcaption></figure>

The table of users on the left is searchable. Click on the 3 vertical dots beside a column name and choose Filter then enter your search criteria.&#x20;

{% hint style="info" %}
There is an annoying interface glitch where the first matching row is hidden behind the Filter box. Sorry.
{% endhint %}

When you click on a row in the left side table, you can see and edit the person's details in the right side panel e.g. username, full Name, email or password.&#x20;

Remember to \[SAVE] your changes because they are not saved automatically.&#x20;

You can also \[GENERATE] a random strong password.&#x20;

#### Bulk Upload of Users

You can add new users, using an Excel worksheet.&#x20;

<figure><img src="/files/iAxKDsrn7e7ElxW25iXB" alt=""><figcaption></figcaption></figure>

You can download a [sample template of the worksheet from here](https://olab4.net/wp-content/uploads/2025/11/OLab4AddUsers.xlsx).&#x20;

Leave row 1 as is. 'operation' — usually you will leave this as '+' to add a new user. For columns FGHIJ etc, you can add more than one role per user but for most projects, a single role is enough.&#x20;

In the SMT Users interface, click on 'Upload XLSX file' to import the Excel file you have created.&#x20;

Duplicate usernames are ignored in the Excel file and are not imported.&#x20;

Users can be assigned to [Groups](/help/advanced-topics/courses.md), which along with their Role, will determine which resources they have access to.&#x20;

### Role management

We have improved this, taking an approach which is much more standard, and similar to how most LMS applications handle roles, courses, groups etc. &#x20;

<figure><img src="/files/jHw6hoNIsHLXQKo4rhG9" alt=""><figcaption></figcaption></figure>

The user credentials, their groups and their roles within the group are set. You have a number of Roles to choose from:&#x20;

* Superuser - Can edit and control access to all OLab4 objects at all scope levels, up to server-level.&#x20;
* Director -- Can edit and control access to all OLab4 objects at all scope levels, up to course-level
* Author -- Can edit and control access to all OLab4 objects at all scope levels, up to map-level
* Learner -- can play and list those maps and courses that are open to their group
* Reviewer -- can play and annotate those maps and courses that are open to their group

## Role-based access in OLab4

There are a number of things that are under the control of Roles in OLab4

* Scoped Objects - depending on your role, you can edit different scopes of objects
  * insert xref to that section in Objects
* Courses - these are tied to the LMS
* Maps - you can control which maps can be played by certain roles.&#x20;
* Nodes - you can even prevent certain roles from visiting some nodes. We have [more information on this here](https://olab4.net/role-based-node-access-in-olab4/).&#x20;

## Anonymous or open play of OLab4 maps

You can now provide completely open or anonymous access to some OLab4 cases. For basic information on this, check out <https://olab4.net/anonymous-access-to-olab4-cases/> &#x20;

You can try simply changing the access level in Map Details for a case to Open. This will often work but is not fully debugged.&#x20;

You, or someone with access to a SQL that is connected to the OLab4 server's database, can also make a small change. You need to create an entry in the security\_users table, which points at the correct map\_id, is linked to user\_id = 1441 (our anonymous user), and with the ACL set to RX. (If that does not make sense, you maybe should not be given access to a connected SQL tool.)

Anonymous access is not quite the same as guest access. Anon needs no login at all and the map will start immediately. With Guest access, the user must still login with the published user credentials of 'guest' for username and password.&#x20;

{% hint style="warning" %}
More to be added as this is refined. At present, management of these aspects is performed by the System Management Tool. If you wish to explore this further, contact us.&#x20;
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://olab4.gitbook.io/help/advanced-topics/users-roles.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.