[drupal-devel] [feature] More granular user management permissions
nedjo
drupal-devel at drupal.org
Wed Jun 22 15:56:54 UTC 2005
Issue status update for http://drupal.org/node/25530
Project: Drupal
Version: cvs
Component: user.module
Category: feature requests
Priority: normal
Assigned to: Anonymous
Reported by: budda
Updated by: nedjo
Status: patch
+1 on idea (I haven't patched and tested), makes sense to me as a
distinct permission.
nedjo
Previous comments:
------------------------------------------------------------------------
June 22, 2005 - 11:50 : budda
Attachment: http://drupal.org/files/issues/accesscontrol.patch (3.48 KB)
When a user role is granted 'administer users' permission this allows
them to not only edit any users profile, but also amend the access
control list, even for their own role. This means a moderator could
actually increase their own permissions to enable further access to
Drupal site settings.
To prevent this I have split the user module permissions further to
provide a new permission setting for each role - "administer
permissions". Enabling this permission for any role will provide the
user with access to the "access control" pages and functionality.
Patch attached to add additional permission and change menu access
checks as needed.
More information about the drupal-devel
mailing list