[development] Hello from another developer/Want to add
some features
Sammy Spets
sammys-drupal at synerger.com
Mon Jan 30 03:13:58 UTC 2006
On 28-Jan-06 15:29, Rob Thorne wrote:
> A simple solution to this would have "levels" of roles -- a simple
> weight number. The rule is: you cannot assign a role to another user
> that has a lower weight than the most privileged role that is assigned
> to you. This would allow a simple way to partition the administration
> of users into sub-administrators, and is easier to create admin UI for
> than a hierarchy (take a look at og_hierarchy if you want to see how
> nasty that kind of UI can get).
>
> This is a simple work around a serious problem (IMHO) with the Drupal
> user model: it's currently possible for any user with "administer
> users" privileges to effectively elevate his/her privilege level.
>
> Am I missing something, and there's some other way to prevents this?
This is definitely a simple solution to my problem. Overall however, I
think the model you've suggested will have to look out for the cases
presented in multi-site setups as well as Drupal network.
--
Sammy Spets
Synerger Pty Ltd
http://www.synerger.com/
More information about the development
mailing list