Assign User/Group permissions but NOT Admin Group?
Permalink
I'm creating a secondary Admin Group that doesn't have full permissions because I don't want this group to be able to destroy everything.
I need this group to be able to add Users and assign Groups, but I can't allow them to assign the main Admin group because then obviously they'd be able to destroy everything, which is what I'm trying to avoid.
Is there a way to do this?
I need this group to be able to add Users and assign Groups, but I can't allow them to assign the main Admin group because then obviously they'd be able to destroy everything, which is what I'm trying to avoid.
Is there a way to do this?
Sure you can do this.
Just go "Dashboard -> System&Settings -> User Permissions (in permission&access), there you can allow your "subadmin" group to assign other users to groups.
Just go "Dashboard -> System&Settings -> User Permissions (in permission&access), there you can allow your "subadmin" group to assign other users to groups.
Thanks!
I need this group to be able to add Users and assign Groups, but I can't allow them to assign the main Admin group.
I need this group to be able to add Users and assign Groups, but I can't allow them to assign the main Admin group.
I'm having the exact same problem as you, have you found a solution for it yet?
There used to be a security gap in the core where an admin user, given permission to 'login as', could then login as the super user and do anything. I don't know if that has been closed.
Seems like this is a continuation of the same kind of problem, just another level down.
Seems like this is a continuation of the same kind of problem, just another level down.
Is this bug?? (lower level user to be able to add users to Admin Group!!!!)