rewrite new user procedure to be more explicit about the steps
authored
byanarcat
I tried to follow the procedure, thinking I could do it to onboard
Nadya, but failed because I didn't actually have the right accesses.
See: tpo/tpa/team#42386
@@ -140,7 +140,17 @@ perhaps ad-hoc, team that you will need to create a new Collection.
## Add a user
To add a new user to the vault, they will need to be "invited" via the admin console (`/admin`) to the organization. They should be added to the appropriate groups, depending on their role in the organization. Additionally, each user should have a `Personal - <username>` collection created, and the user is given "Edit items, hidden passwords" access, and the "Manage collection" access should be given to the "Executive Leadership" group.
Note: this step *cannot* be done by a Vault "admin" (through the
`/admin`) interface, it needs to be done by an organization owner
(currently micah).
1. sent the above "Welcome email"
2. invite the user from the main vault interface (*not* the `/admin`
interface), make them part of "The Tor Project" organization
3. add the user to the right groups
4. add a `Personal - <username>` collection with the user given "Edit
items, hidden passwords" access, and the "Manage collection"
access should be given to the "Executive Leadership" group
