Searching usersManaging employee records
All our front ends have a search functionality to find certain user(s), regardless of that user being a consumer or employee. Your search results however are influenced by several settings, which we cover on this page.
There is one setting which spans across all front ends:
UserSearch:UseNewUserTypeFiltering. This setting allows us to adhere to GDPR regulations by tying the visibility of employees and customers to OUs that are directly relevant to employees only.
When this setting is enabled, which employees/customers can be found in the search results will depend on the role(s) of the user performing that search. This means if the user only has a role set on one specific store, then search results will only pertain to that specific store. If it's necessary however for the search results to include users from more OUs, then the role needs to be set on a higher OU level. Inversely, keeping it set to false - which is currently the default state - will mean your search remains unfiltered.
UserSearch:UseNewUserTypeFiltering is by default set to true on all non-production environments.
Additionally, the user search can be specified per front end, via the following App settings. You will only be able to access users of OUs you have permission to view.
App:SearchUsers:IncludeCustomersEnable if you want your search to include Customers
App:SearchUsers:IncludeEmployeesEnable if you want your search to include Employees Bear in mind that you can also combine these two settings.
UserSearch:FilterOnCountryInStoresEnable if you want your search to prioritize users, that are located in the same country as the OU.
If a user has no roles, that user will still be visible for the CreatedBy User in the overview. This way, even if a user does not belong to a visibility group, the user can still be found and assigned a role.
You might find different, seemingly related, settings pertaining to your UserSearch in your AppSettings, but these are purely back-end related.
You can make user management more secure by setting
LimitUserVisibility to true. In that case users will only be able access their own user object, while employees will only be able to view/edit those users for which they have explicit permissions. These are for example employees with roles on the same organization unit.
This setting which started off as an opt-in, will become opt-out instead with the delivery of Core 2.0.708. It will become a forced setting - ignoring the setting value - with Core 2.0.740.
If users are labeled as an employee, a small note will appear in the front ends to make that clear.