On 28-Jan-06 15:29, Rob Thorne wrote:
A simple solution to this would have "levels" of roles -- a simple weight number. The rule is: you cannot assign a role to another user that has a lower weight than the most privileged role that is assigned to you. This would allow a simple way to partition the administration of users into sub-administrators, and is easier to create admin UI for than a hierarchy (take a look at og_hierarchy if you want to see how nasty that kind of UI can get).
This is a simple work around a serious problem (IMHO) with the Drupal user model: it's currently possible for any user with "administer users" privileges to effectively elevate his/her privilege level.
Am I missing something, and there's some other way to prevents this?
This is definitely a simple solution to my problem. Overall however, I think the model you've suggested will have to look out for the cases presented in multi-site setups as well as Drupal network. -- Sammy Spets Synerger Pty Ltd http://www.synerger.com/