Karoly Negyesi wrote:
* Disabling changes to usernames and passwords of administrative users by users having administer users permission.
I smell hierarchical roles here. Some user ought to be able to change other users' passwords... including admins... I guess at least.
I'm not sure what you mean by "hierarchical roles". But I'm about to fix a problem on a site similar to this, and considered something that sounds like "hierarchical roles".

My problem is that I want some subset of users to be able to administer some subset of users, but not all users. The "administer users" privilege is too general; if you can administer one, you can administer all. And you can elevate your own level of privilege.

A simple solution to this would have "levels" of roles -- a simple weight number. The rule is: you cannot assign a role to another user that has a lower weight than the most privileged role that is assigned to you. This would allow a simple way to partition the administration of users into sub-administrators, and is easier to create admin UI for than a hierarchy (take a look at og_hierarchy if you want to see how nasty that kind of UI can get).

This is a simple workaround for a serious problem (IMHO) with the Drupal user model: it's currently possible for any user with "administer users" privileges to effectively elevate his/her privilege level. Am I missing something, and there's some other way to prevent this?

Rob Thorne
Torenware Networks
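
The weight rule proposed in the message above, written out as an added example; it is not part of the original thread and not Drupal code. The role table, the function names and the account-editing check are assumptions made for illustration, and both checks are meant to run in addition to the existing "administer users" permission check.

```php
<?php
// Added illustration; every name here is hypothetical, none is Drupal API.
// Lower weight = more privileged. Constructed sample role table:
const ROLE_WEIGHTS = [
    'site admin'         => 0,
    'section admin'      => 10,
    'editor'             => 20,
    'authenticated user' => 100,
];

// Weight of the most privileged role in $roles. Unknown role names throw,
// so a typo or a deleted role can never be read as "low privilege".
function top_weight(array $roles): int
{
    $top = PHP_INT_MAX; // no roles at all: least privileged
    foreach ($roles as $role) {
        if (!array_key_exists($role, ROLE_WEIGHTS)) {
            throw new InvalidArgumentException("Unknown role: $role");
        }
        $top = min($top, ROLE_WEIGHTS[$role]);
    }
    return $top;
}

// The rule from the message: the assigned role may not have a lower weight
// than the actor's most privileged role. Equal weight is allowed.
function may_assign_role(array $actorRoles, string $role): bool
{
    return top_weight([$role]) >= top_weight($actorRoles);
}

// Assumed extension: the same comparison gates editing another account's
// username or password, so a sub-admin cannot take over a stronger account.
function may_edit_account(array $actorRoles, array $targetRoles): bool
{
    return top_weight($targetRoles) >= top_weight($actorRoles);
}

$sectionAdmin = ['authenticated user', 'section admin'];
$siteAdmin    = ['authenticated user', 'site admin'];
$cases = [
    'section admin grants editor'        => may_assign_role($sectionAdmin, 'editor'),
    'section admin grants section admin' => may_assign_role($sectionAdmin, 'section admin'),
    'section admin grants site admin'    => may_assign_role($sectionAdmin, 'site admin'),
    'section admin edits site admin'     => may_edit_account($sectionAdmin, $siteAdmin),
    'site admin edits section admin'     => may_edit_account($siteAdmin, $sectionAdmin),
];
foreach ($cases as $label => $ok) {
    printf("%-36s %s\n", $label, $ok ? 'allowed' : 'denied');
}
```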