Is it possible to deny some specific admin rights, for example the right for admininistrators to change user roles? I want only super users to change the roles of users.
Michael TobischDNN★MVP
As Administrators is a "normal" Role in the database you can change, in theory, part of the groups rights> AFAIK "edit roles" is not an available option though.
Also you should understand that this is not a supported use case so the DNN backend could get "confused". I would not try this in production TBH..
That's what I thought, hence my question to the experts here.. :) Is there a event that triggers before a user has been created or updated, to check if a non superuser is trying to save role related stuff? EDIT: I found the 'RoleEventHandlers' interface, here I have the RoleJoined and RoleLeft methods (events), here I can detect the role related changes. From the HttpContext I get the actual user who raised the event (so the potential Administrator) and then I can simply throw an exception to notice the admin.
<!--EndFragment-->
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.