Skip to content

User Management

MedUX uses Django's authentication system, extended with tenant-aware roles and permissions.

User Accounts

User accounts are managed through the administration area at /administration/. Tenant administrators can:

  • Create new user accounts
  • Assign users to the tenant
  • Manage user roles within the tenant
  • Deactivate user accounts

Roles and Permissions

MedUX uses a two-layer permission system:

  1. Django permissions — standard model-level permissions (add_patient, change_patient, etc.)
  2. Tenant roles — role-based membership via Conjunto's TenantMembership model

Tenant Admin

A user is considered a tenant administrator if any of the following is true:

  • They are a Django superuser
  • They have the common.change_tenant permission
  • They have a TenantMembership with role="admin" for the current tenant

Tenant administrators have access to the administration area and can manage other users within their tenant.

Groups

Django groups can be used to assign a common set of permissions to multiple users. Plugins can define default groups and permissions via MeduxPluginAppConfig.groups_permissions.