Logan Posted September 28, 2004 Posted September 28, 2004 Hello, I know this has been suggested before but I just want to explain why it is so important. Imagine you had like what IPS has , IPS Management is the root admin group. Ok, But say they had a few members they didn't want to access a few things. The reg. key, SQL Toolbox etc... So you make a whole new group called Co-Management. Why? What would be the point. So what I am trying to say is, We need to set specific user-based permissions for ROOT admin group users. The main account like the first one, if possible. Set it as it has ALL permissions and no one else can edit it. Being able to customize the root admin users permissions individually via their user profile would be a good, what sections they can and cannot access. Also make it so they cannot edit their own permissions? I think we need to have some kind of ONE main root user that no other root admin can edit and their settings cannot be over ridden? I don't know. You get my point somewhere in that ramble :) Thanks
Jasonawojo Posted September 28, 2004 Posted September 28, 2004 Anyone in the root admin group can access the SQL but I agree that we should be able to define Admin rights and I believe that Matt said this feature would be included in an post-final version of IPB 2.0.
-Strider- Posted September 28, 2004 Posted September 28, 2004 theres a mod like this for ipb 1.3 at invisionize.com, i think its called 'special administration.
Logan Posted September 28, 2004 Posted September 28, 2004 A 1.3 mod would be no good to me. As I use 2.0.0 final. But yes, comprehensive administration rights would be good. As I do not want everyone to have the key to the forum, or change security/privacy settings etc...
elj Posted October 2, 2004 Posted October 2, 2004 I know this has been requested before, and hope it makes it into the next release. The best way to do this would be a tree-map with check boxes, to allow them to see entire categories, or just certain parts.
Wolfie Posted October 3, 2004 Posted October 3, 2004 Might be a better concept to have an Admin CP, as it is now, and then a CoAdmin CP, where there would be a limited number of sections.. Managements sections for Forums, Users, Skins, Emoticons & some of the more common/needed configuration options... Using a tree map would be a definite plus.. Configuration []On []Off | Board status []On []Off | etc Forums []On []Off | Add/Manage Forums []On []Off | Moderators | Permission Masks Users (etc etc etc) Obviously you wouldn't want the user to be able to alter their own account, but to take that a step further, flag wether or not they can grant access to the Co-AdminCP, and if so, can only grant access to the same functions that they can access (so they can't grant someone higher access). Would be a definite improvement towards having staff who can set up forums without going to a single admin, and obviously the fewer people who have full access, the better. If nothing else, at least locking the primary account from any editting (ie, cannot be "demoted" nor deleted, and another account cannot change the password nor the email, etc)..
TheProphet Posted October 4, 2004 Posted October 4, 2004 I really like Dacity2's idea, that would be somthing I'm looking for.
MWTeddy10 Posted November 1, 2004 Posted November 1, 2004 I am waiting since 1.3 for this option. I hope it's comming soon. We have an IP department who can only take care of the hardware and environment but not the board contens. For that, we have 5 different Admins and all with the rights to kill the board. Hopefully nobody is doing a mistake......
Mark_H Posted November 3, 2004 Posted November 3, 2004 It's pretty crude but the way I stop it at the moment is just putting a member id block inside the functions that I want to protect. For example in ad-mysql.php I just modified the root admin check to // Make sure we're a root admin, or else! if ($ibforums->member['id'] != '1') { $ibforums->admin->error("Sorry, these functions are for the site owner group only"); } It gets the job done for now when I don't want someone downloading all my customised systems from the db ;)
Logan Posted November 11, 2004 Posted November 11, 2004 OR... with the current settings that are available. If you make another group with admin permissions, of course not ROOT only allowed one ROOT group. They already have blocked off stuff. That is efficient, so why not tweak the code heavily, to allow two admin user groups to co-exist with the same name? One Admin ROOT and one normal Admin(with current non-root restrictions). I think that is sufficient, not sure if possible though.
Jamer Posted November 20, 2004 Posted November 20, 2004 OR... with the current settings that are available. If you make another group with admin permissions, of course not ROOT only allowed one ROOT group. They already have blocked off stuff. That is efficient, so why not tweak the code heavily, to allow two admin user groups to co-exist with the same name? One Admin ROOT and one normal Admin(with current non-root restrictions). I think that is sufficient, not sure if possible though.<{POST_SNAPBACK}> No this is not enough because that user can still delete the root admin, i know becuase i have tried it.
gusto5 Posted November 20, 2004 Posted November 20, 2004 really? i cant seem to be able to do it. Btw, this is for version 2.0.0
RavenRaz Posted November 20, 2004 Posted November 20, 2004 I think it should be as flexible as possible because different sites need different permissions. I like the idea of the check boxes so that you can tailer the permissions fully to your boards needs.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.