Would like to see the ability for certain users to the adminrole. I'm willing to role some patches, but would like to know whether this seems like a good idea from maintainers perspective. This would allow admins to function as normal site participants until they elevated to to the adminrole.

Comments

Leeteq’s picture

Ref. this post:

"Adminrole security hole: admins can assign themselves full permissions"
http://drupal.org/node/375954

If I understand your feature request properly, then you are suggesting that instead of doing the check that requires "administer permissions", then instead the module should add a permission setting where roles can be assigned to give them access to adjust adminrole settings.

Leeteq’s picture

Further on this:
In conjunction with the Masquerade module, such "sudo" like behaviour could possibly be arranged, have not given that serious thought, though. But if so, that would require that the mentioned security hole is fixed.

Dave Reid’s picture

Status: Active » Closed (won't fix)

Don't think this is appropriate for this module (whereas there is Masquerade and User switcher). This should stay a simple backport of the D7 functionality.