Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Default Administrator vs. Admin Role
rene
New
There is a difference.
As a user with an Admin role I can't change settings for some of my plugins. For example the Spoof plugin and the FileUpload plugin settings can only be changed by the original Administrator. A user with an Admin role gets a permission problem.
Why is this? And can I fix it?
As a user with an Admin role I can't change settings for some of my plugins. For example the Spoof plugin and the FileUpload plugin settings can only be changed by the original Administrator. A user with an Admin role gets a permission problem.
Why is this? And can I fix it?
Tagged:
0
Comments
There is an 'Admin' column in the user table (which has nothing to do with the Administrator role). If that is set to '1' (like for the original user), then every permission check evaluates to true. Otherwise, they need to be correctly configured.
The 'Admin' column did the trick. But I think this is not the official way? :P
Strange thing is that the content of the "Permissions" column is the same for the real Admin as the user with Admin Role.
In the Dashboard, my Admin role permissions are all checked. Since I can't see any other permission settings for the Admin role my guess is that the plugins don't use the right way to deal with permissions. Although the FileUpload plugin is approved and designed by the vanilla staff.
Would this be a logical conclusion? Or could there be something wrong in my vanilla install?
'SettingsPermission' => 'Garden.AdminUser.Only',
so the behavior you're seeing wasn't by accident.
I would assume Spoof has a similar setup or perhaps does have a permission error; I'm not familiar with it.
//edit: FYI, the 'Garden.AdminUser.Only' doesn't technically exist. Specifying a nonexistent permission like this one actually causes it to do exactly as this arbitrary name says: cause only users with the 'Admin' flag to be able to pass it.
In the past we had designed plugins such as FileUpload (which directly impact the server in a non-trivial way) to be configured only by the root admin. Most of the time this was 'ok' since the forum was usually directly controlled and configured by that person - the root admin. Increasingly, however, we've been seeing cases where those tasks have been delegated to others, so we're moving towards a less restrictive way of doing things.
I'll likely lessen the restrictions on FileUpload's configuration mode in a future release, or possibly create a new vanilla-wide permission like Garden.Plugins.Manage or something similar, which will allow people to configure plugins.
Thoughts?
Vanilla Forums COO [GitHub, Twitter, About.me]