[geeklog-devel] Restricted User Admin Feature

Blaine Lang geeklog at langfamily.ca
Fri Jun 4 10:56:56 EDT 2004 

Thinking about this a bit more -- I see it will be a bit more involved

Restricted admin needs to be able to:
  - Add, edit, delete users
  - Need to be able to add/edit group membership
  - Need to control groups that are listed or availble to this restricted
admin.
  - Can't have them assign Root to  a new user (doh!)

The client has 8000+ users and 800 groups so I will be making some other
admin and UI enhancements.

I've yet to look at the code so I know there are likely more considerations
that I've missed.

Blaine

----- Original Message ----- 
From: "Blaine Lang" <geeklog at langfamily.ca>
To: <geeklog-devel at lists.geeklog.net>
Sent: Friday, June 04, 2004 10:10 AM
Subject: Re: [geeklog-devel] Restricted User Admin Feature


The "Restricted" admin would be able to admin any users that are in its
group of controlled users.

So team-admin has the "restricted_user_admin" feature and it's been assigned
groups A and B.
Any users in Groups A or B can not be administrated by the "team-admin"

Thats the concept -- I've not looked at the user admin code to see what
issues I may have. I was thinking I would only need to made changes to this
script such that the list of users would be filtered and adittional logic to
check for this restricted admin rights.

This is easier if there is only one level of restricted admin but more
involved if this supports multiple
teamAdmin1 has admin over users in groups 1 2 and 3
teamAdmin2 has admin over users in groups 5 6 and 7

Blaine

----- Original Message ----- 
From: "Tony Bibbs" <tony at tonybibbs.com>
To: <geeklog-devel at lists.geeklog.net>
Sent: Friday, June 04, 2004 9:39 AM
Subject: Re: [geeklog-devel] Restricted User Admin Feature


How, exactly are they restricted?  I'm not totally understanding the
concept.

--Tony

Blaine Lang wrote:

>I have a client requesting a MOD to support a "Restricted User Admin" and I
>know this is a GL feature that has been requested before.  Is there
interest
>in rolling this feature once completed and tested into GL ?
>
>The easist way is to create a new feature "RestrictedUserAdmin" and then
>have a $_CONF parm that contained the user groups that anyone with this
>feature had admin rights over.
>
>The second and more flexible would require a new table and a new admin
>screen that would allow the Root to create any number of Restricted Admins
>and assign user group ownership to.
>
>Optionally, the $_CONF parm could be an array that supported multiple
number
>of admins. I don't see it being a commonly used admin feature but one
larger
>site and corporate users are going to want.
>
>Please let me know if there is general interest or any preferred
>implementation direction.
>
>Blaine
>
>
>_______________________________________________
>geeklog-devel mailing list
>geeklog-devel at lists.geeklog.net
>http://lists.geeklog.net/listinfo/geeklog-devel
>
>
_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel


_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

More information about the geeklog-devel mailing list