Forums / Setup & design / "SuperUser" - howto?
Torbjørn Laukvik
Wednesday 27 April 2005 7:47:00 am
Ok, I am sure this has been asked before, so I am very sorry for bothering all of you again....
I want to make a user that has almost exactly the same rights as editor user, EXCEPT that he can create other users within the editor user group.(The editor user can create/delete content at will from inside the admin part)
Do you understand? he should under noooo circumstances be allowed to create admin users or modify the anon users.
I am using 3.5.1 and switching to 3.5.2 soon. (in case there is some groundbreaking differences in 3.5.2)
Thanks
Bård Farstad
Wednesday 27 April 2005 7:49:59 am
Torbjørn,
this can easily be achieved by setting permissions on editing. You can limit editing/creating of users to a specific subtree. E.g. /user/editor users/. That way users who have rights like this can add and edit other users in that specific place, but nowhere else.
Hope this answered your question.
--bård
Documentation: http://ez.no/doc
Wednesday 27 April 2005 8:05:25 am
It sounds easy, but I'm not quite sure how to attack this.
Have created a new role "superuser"the problem I'm facing right now is that if I try to add a new user policy for the "superuser" role, it's given no limitation all the time. Is this right? doesn't this mean that if I give someone user access, they can all create admins?
I have of course added a user group with some users in it.
Am I attacking this from the wrong angle?