DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.

Change rights for (admin) user

Sort:
You are not authorized to post a reply.





New Around Here





    Is it possible to deny some specific admin rights, for example the right for admininistrators to change user roles? I want only super users to change the roles of users.






    Veteran Member





      Peter,

      afaik: no. Administrator permissions are untouchable. (But maybe I am wrong)

      Happy DNNing!
      Michael

      Michael Tobisch
      DNN★MVP

      dnnWerk Austria
      DNN Connect





      Veteran Member





        As Administrators is a "normal" Role in the database you can change, in theory, part of the groups rights>
        AFAIK "edit roles" is not an available option though.

        Also you should understand that this is not a supported use case so the DNN backend could get "confused".
        I would not try this in production TBH..






        New Around Here





          That's what I thought, hence my question to the experts here.. :)

          Is there a event that triggers before a user has been created or updated, to check if a non superuser is trying to save role related stuff? 

          EDIT: I found the 'RoleEventHandlers' interface, here I have the RoleJoined and RoleLeft methods (events), here I can detect the role related changes. From the HttpContext I get the actual user who raised the event (so the potential Administrator) and then I can simply throw an exception to notice the admin.

          <!--EndFragment-->






          Veteran Member





            Please provide some more details about the question raised in your last reply. What, exactly, are you trying to do?
            Joe Craig
            DNN MVP
            Patapsco Research Group
            You are not authorized to post a reply.

            These Forums are dedicated to the discussion of DNN Platform.

            For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

            1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
            2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
            3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
            4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
            5. No Flaming or Trolling.
            6. No Profanity, Racism, or Prejudice.
            7. Site Moderators have the final word on approving / removing a thread or post or comment.
            8. English language posting only, please.

            Would you like to help us?

            Awesome! Simply post in the forums using the link below and we'll get you started.

            Get Involved