🌍
English
Announcement
- [2024-04-17] Piwigo 14.4.0
- [2024-04-01] Piwigo in Hobbit runes
- [2024-03-01] Piwigo 14.3.0
- [2024-01-30] Piwigo 14.2.0
- [2023-12-29] Piwigo 14.1.0
#1 2014-07-25 08:15:16
- Yogie
- Translation Team
- Germany
- 2012-07-24
- 74
Administrators can delete Webmasters?
Hi,
why is it possible that an Administrator can delete a higher privileged User like a Webmaster!?
To me this looks like an issue!
A webmaster should be a person for example who cares about the installation, themes, plugins, updates etc... so basically the provider of the piwigo install.
An administrator surely should be able to administrate all except deleting a higher privileged user, can't update or install any themes or plugins, but can activate deactivate and configure all given items like themes, plugins and at the end create users, delete users but he should not be able to give higher privileges to somebody and maybe not even the same permissions he has!?
Any hints? Thoughts? Ideas?
Last edited by Yogie (2014-07-25 08:15:34)
Offline
#2 2014-07-25 09:40:07
- plg
- Piwigo Team
- Nantes, France, Europe
- 2002-04-05
- 13791
Re: Administrators can delete Webmasters?
Hi Yogie,
Thank you for this bug report. I reproduce the problem: an "administrator" can delete a "webmaster" (but not the main webmaster, the user created during Piwigo install). An administrator can also create another user and give him the same status. I don't think that's what we should expect. Only webmasters should be able to give administrator status.
Offline
#3 2014-07-25 11:11:03
- plg
- Piwigo Team
- Nantes, France, Europe
- 2002-04-05
- 13791
Re: Administrators can delete Webmasters?
Offline