About superuser

A few things to know about Superuser privileges in Loris.

• The superuser permission is labelled "There can only be one Highlander" in the User Accounts module. As with all user permissions, this permission is only visible to those who have it, and so only those who have it can grant it to others.

• By default, every Loris installation sets up an initial front-end superuser called admin who has this superuser permission, as well all other existing permissions. admin is user #1 in the users table (First name: Admin, Last name: Admin).

• When new permissions are added to your Loris, run this statement in MySQL to update admin's permissions:

    INSERT IGNORE INTO `user_perm_rel` (userID, permID) SELECT DISTINCT 1, permID FROM permissions;

• The admin superuser is assigned to site DCC (Data Coordinating Centre) which by default is site 1 in the psc table. It is highly NOT recommended to change this setting.

There are a few things superusers can't do:

• create a candidate (New Profile) for a site that is not your current site. (Change your site to do so)
• create a timepoint for a candidate that is not attached to your current site.
• data entry in an instrument form, on a candidate/visit not attached to your current site

Other such examples exist -- all related to the ability to modify data attached to other sites. These restrictions are in place to minimize errors in data entry. The solution for the superuser is to change your site in the User Accounts module to match.