I had another idea for a simple module that I'm considering developing. I often get overwhelmed with drupal administration, and have many sites where admin is shared. Every time I add a module in drupal I tediously enable all access permissions for my "Admin" role. I began to think about the Linux sudo model, and thought this might be cool for dupal. Users with "Become Admin" privilges could switch to the "admin" user only. This way I could largely see the view that my content contributors do :). Does this seem like a good thing? Anyone know about duplication? I'm aware of Devel, and Masquerade but I didn't feel the need for that on the production sites, and I really don't want to expose the "Become Any User" functionality (but maybe I'm being silly here).
There's a module for that already: http://drupal.org/project/adminrole For switching users, the devel.module has a switch users block that allows you to quickly impersonate another user. Konstantin On 09.05.2009, at 04:39, David Metzler wrote:
I had another idea for a simple module that I'm considering developing. I often get overwhelmed with drupal administration, and have many sites where admin is shared. Every time I add a module in drupal I tediously enable all access permissions for my "Admin" role. I began to think about the Linux sudo model, and thought this might be cool for dupal. Users with "Become Admin" privilges could switch to the "admin" user only. This way I could largely see the view that my content contributors do :).
Does this seem like a good thing? Anyone know about duplication? I'm aware of Devel, and Masquerade but I didn't feel the need for that on the production sites, and I really don't want to expose the "Become Any User" functionality (but maybe I'm being silly here).
Quoting David Metzler <metzlerd@metzlerd.com>:
I had another idea for a simple module that I'm considering developing. I often get overwhelmed with drupal administration, and have many sites where admin is shared. Every time I add a module in drupal I tediously enable all access permissions for my "Admin" role. I began to think about the Linux sudo model, and thought this
Are you aware of http://drupal.org/project/adminrole? It'll stop the tedious enable business.
might be cool for dupal. Users with "Become Admin" privilges could switch to the "admin" user only. This way I could largely see the view that my content contributors do :).
Does this seem like a good thing? Anyone know about duplication? I'm aware of Devel, and Masquerade but I didn't feel the need for that on the production sites, and I really don't want to expose the "Become Any User" functionality (but maybe I'm being silly here).
It must have been a good idea there is http://drupal.org/project/masquerade already. -- Earnie -- http://r-feed.com/ -- http://for-my-kids.com/ -- http://www.4offer.biz/ -- http://give-me-an-offer.com/
On Fri, May 8, 2009 at 9:39 PM, David Metzler <metzlerd@metzlerd.com> wrote:
I had another idea for a simple module that I'm considering developing. I often get overwhelmed with drupal administration, and have many sites where admin is shared. Every time I add a module in drupal I tediously enable all access permissions for my "Admin" role. I began to think about the Linux sudo model, and thought this might be cool for dupal. Users with "Become Admin" privilges could switch to the "admin" user only. This way I could largely see the view that my content contributors do :).
Does this seem like a good thing? Anyone know about duplication? I'm aware of Devel, and Masquerade but I didn't feel the need for that on the production sites, and I really don't want to expose the "Become Any User" functionality (but maybe I'm being silly here).
I love the idea. I have too many privileges on my normal user because I find it tedious to switch to another user to do admin stuff quick. I've tried both the Devl and Masquerade options and didn't care for them. I'd love to have my normal user where I could click something and all the admin options show up and click something else and they all go away without actually changing users. Michelle
So you essentially want the functionality of the adminrole module, but with a block that allows you to quickly add/remove a role from the current user. Regards Steven Jones ComputerMinds ltd - Perfect Drupal Websites Phone : 0121 288 0434 Mobile : 07951 270 026 http://www.computerminds.co.uk 2009/5/10 Michelle Cox <shellmultimedia@gmail.com>:
On Fri, May 8, 2009 at 9:39 PM, David Metzler <metzlerd@metzlerd.com> wrote:
I had another idea for a simple module that I'm considering developing. I often get overwhelmed with drupal administration, and have many sites where admin is shared. Every time I add a module in drupal I tediously enable all access permissions for my "Admin" role. I began to think about the Linux sudo model, and thought this might be cool for dupal. Users with "Become Admin" privilges could switch to the "admin" user only. This way I could largely see the view that my content contributors do :).
Does this seem like a good thing? Anyone know about duplication? I'm aware of Devel, and Masquerade but I didn't feel the need for that on the production sites, and I really don't want to expose the "Become Any User" functionality (but maybe I'm being silly here).
I love the idea. I have too many privileges on my normal user because I find it tedious to switch to another user to do admin stuff quick. I've tried both the Devl and Masquerade options and didn't care for them. I'd love to have my normal user where I could click something and all the admin options show up and click something else and they all go away without actually changing users.
Michelle
This is a terrific idea. I wanted something like that too, a few week ago. Some safety aspects I considered: - the role assignment should probably be temporary - expiring with the session, or after a period of idle time. - the user should maybe reauthenticate (with their own password, or a root password) when activating su mode.
Quoting Arancaytar Ilyaran <arancaytar.ilyaran@gmail.com>:
This is a terrific idea. I wanted something like that too, a few week ago.
You must have missed my response. See http://drupal.org/project/masquerade. -- Earnie -- http://r-feed.com/ -- http://for-my-kids.com/ -- http://www.4offer.biz/ -- http://give-me-an-offer.com/
Hello, sorry I'm out of discussion but I was thinking.. (as I never used masquerade/adminrole, but they seems to be similar to an extended su) 1 As does logintoggoboan module, when encountering a 403 page, put the su module login form (or a link to ?q=curr/path/su). 2 On submit form, check if user is logged && in the "sudoers|admin" role (like adminrole?) 3 add all permission to the user (alike #1) and toggle them on hook_exit (?). 4 Keep a su flag as timestamp in $user session and let it there some time, in case it's needed again (like masquerade?) 5 next 403 will update the time period and let go on as root or else remove if timed out. Is a reasonable approach? Thanks, Luca Earnie Boyd ha scritto:
Quoting Arancaytar Ilyaran <arancaytar.ilyaran@gmail.com>:
This is a terrific idea. I wanted something like that too, a few week ago.
You must have missed my response. See http://drupal.org/project/masquerade.
-- Earnie -- http://r-feed.com/ -- http://for-my-kids.com/ -- http://www.4offer.biz/ -- http://give-me-an-offer.com/
Earnie et al , Certainly Masquerade works as does devel. I was already aware of those. I'm kind of trying to figure out whether I want admin users to be my special "Admin" (In my case uid=1) or I let them be "Anyone" . I was fully aware that I might be being a bit over the top with regard to this requirement, and I'm beginning to wonder based on this response whether creating such a module might do more harm (in terms of duplication) than good (in terms of reduced feature set). I wasn't aware of adminrole, and having that brought up made me think this might be better submitted as a patch to that than its own module, but I'm still waffling a bit here. The real reason that drives me to this though is that you can't apply updates without being uid=1, and that is a particular responsibility I wanted to share amongs admins in my dev shop. I know that I can hack update.php but people keep forgetting to "unhack it", so I was hoping to find a better way. Sounds like people would rather have some combination temporarily assert adminrole than become uid=1 being separated. I'm going to think this over before creating any more duplication. Hmm... On May 11, 2009, at 4:31 AM, Earnie Boyd wrote:
Quoting Arancaytar Ilyaran <arancaytar.ilyaran@gmail.com>:
This is a terrific idea. I wanted something like that too, a few week ago.
You must have missed my response. See http://drupal.org/project/ masquerade.
-- Earnie -- http://r-feed.com/ -- http://for-my-kids.com/ -- http://www.4offer.biz/ -- http://give-me-an-offer.com/
The real reason that drives me to this though is that you can't apply updates without being uid=1, and that is a particular responsibility I wanted to share amongs admins in my dev shop. I know that I can hack update.php but people keep forgetting to "unhack it", so I was hoping to find a better way.
FWIW, I would support a core patch that adds a permission to "Run updates". admin_menu exposes this link as well, and can only expose it for uid 1. I see no compelling reason why only uid 1 should be able to run update.php (when the database is available). sun
FWIW, I would support a core patch that adds a permission to "Run updates".
And here it is: http://drupal.org/node/67234 Nat
Ok, given that admin role, or a patch to adminrole to allow sudo seems like a great Idea. I'll move this to the issue queue for that project. On May 12, 2009, at 2:03 AM, Nathaniel Catchpole wrote:
FWIW, I would support a core patch that adds a permission to "Run updates".
And here it is: http://drupal.org/node/67234
Nat
participants (9)
-
Arancaytar Ilyaran -
Daniel F. Kudwien -
David Metzler -
Earnie Boyd -
Konstantin Käfer -
luca capra -
Michelle Cox -
Nathaniel Catchpole -
Steven Jones