I apologize if this is a duplicate feature request. I did a search but did not have the opportunity to look through all of the results.
I would like to see several additions/changes made to the User Permissions / ACL.
Issue: Currently, if you give someone permission to administer users they can edit *any* user up to and including blocking the "God" account. This can cause a few headaches for system administrators, especially in the case of admin feuds. I would also note this is a problem with administering the ACL as well; admins are able to give themselves permissions and access that you may/may not want them to have access to, but you may need them to be able to access the ACL for other things.
Proposed Solution: Apply "weight" to user roles... heavier weighted roles could then be made so that they cannot edit lighter weighted roles. "God" account should be made uneditable by *any* other account. This measure could also be applied to editing user roles as well. An administrator could not edit any role that is weighted lighter than the one they are.
Additionally, I would like to note that, other than the above, the ACL employed in Drupal is perhaps one of the best I have ever seen in a CMS. I have worked with a couple of different commercial CMS packages and even those had inferior ACLs.
Comments
Comment #1
moshe weitzman commented
This is a dupe, but I can't find the original. Most people agreed that role weights are needed.
Comment #2
magico commented
Comment #3
LAsan commented
Comment #4
marcingy commented
Bumping to Drupal 8
Comment #5
jhedstrom
This is a duplicate, as mentioned above, of several more active issues in the queue. Please re-open if I've missed something here.