Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Currently admin rights in OpenOutreach are essentially all or nothing. It'd be tremendously useful to have one or more additional roles to allow users to safely accomplish different administrative tasks, without being able to completely break the site by mistake. In particular, we'd need a role that allowed (among other things):
- enabling/disabling Features/Apps,
- choosing and configuring themes,
- selecting and configuring layouts,
- configuring Views,
Without allowing the likes of:
- enabling/disabling of arbitrary modules,
- access to other settings that could de-stabilize the site
- configuring role permissions
- access to other settings that could open security holes on the site
Comments
Comment #1
nedjoGood idea. The steps would be:
I'm happy to take on #2139657. Might you and others at Praxis be up for the Debut fixes?
Comment #2
nedjo@ergonlogic: to what extent might a module like Paranoia, https://drupal.org/project/paranoia, provide a more flexible solution? E.g., blocking access to all module enabling or permission administration would severely limit site administration. Maybe instead implement some of the paranoia hooks in e.g. a custom module or install profile?
Comment #3
nedjoComment #4
nedjoAlso potentially relevant: Custom Permissions module. Can be used to grant subsets of site admin perms.