Permit own permissions 6.x-1.x-dev
File ID: 102827
Permit own permissions 6.x-1.x-dev Description
Description: A site is beautifully set up and guards against catastrophic user error (blowing things up) while giving the person you made it for as much flexibility and power to add to it as is possible... almost.
He can't change what permissions other roles have or even what roles another user has... unless you give him administer permissions.
Now Mr. Just-Learned-Drupal-From-You (in five-minute impromptu sessions because he cut the training budget from the project) can see the configure nuclear options permission, and he thinks it would be nifty to play around with that himself.
Before his assistants can use their delegated permissions, on the day of his Superbowl ad announcing the site he puts it into offline mode, the smiling blue Druplicon becomes that much more (in)famous, and he sues you for a half-million dollars.
Don't let this happen to you!
Permit own permissions provides the share permissions permission, and the share permissions through roles.
Share Permissions: A user in a role with this permission can grant (or revoke) any permission that she has.
Share Permissions through Roles: A user in a role with this permission can grant (or revoke) any role that contains permissions s/he has. If a role has a permission that the user does not have, then that user does not have permission to grant that role.
It's that simple. That's why we needed a big lead-up.
For getting something like this into Drupal core, potentially, see Do not let grant more permissions than you actually have.
For modules providing additional, finer-grained ability to authorize other users to do things, see Role delegation, Delegate menu administration, and Taxonomy delegate
This delegation-enhancing module is, ironically, contributed by the the non-hierarchical, equality-for-all collective known as agaric. Expansion to the module has been sponsored by GoingOn so we can create better websites for education.
Related: Permissions, Permission, grant, Module, revoke, things, Share, Roles, havefor, providing, Modules, potentially, drupal, needed
O/S:BSD, Linux, Solaris, Mac OS X
File Size: 10.0 KB
|More Similar Code|
It provides this functionality by superceding and expanding on the Content Permissions module packaged with CCK, granting access to fields whether a given user has View Field or View Own Field permission.
"Own" refers to ownership of the node. The author is able to View/Edit their "own" fields.
The Content Permissions module should be disabled while using Field Permissions Plus.
Module adds 'view own content' and 'view any content' permissions for all of content types.
So, administrator can build a more flexible system of rights.
For example, admin can add 'view own question content' for role 'clients' and...
If you have a hierarchy of packages in a library, permit the user
of your library to have his own hierarchy of packages that "overlays" yours.
That means he can even have classes named the same as your classes, and have
This module allows Ubercart store administrators to apply more fine-grained permissions to the product catalog and shopping cart.
This is particularly useful in situations where you want the general public to view most of your site,...
This gives an alternative way of administering node-related permissions which may be easier on sites with many content types and roles.
For each role, a grid of permissions is shown, where each row is a content type (grouped by module)...
NLPP (The Native Language Programming Project) aims to permit foreign programmers to program using commands (such as if) in their own language (such as \'si\' for Spanish). We also aim to create an easily extensible program so that...
A quick way to start your own link directory site. It supports unlimited editors with category specific permissions, fully customizable colors and graphics
Many of the webs d-deDUsociald-deDt sites offer up APId-deOaos to get data out of them for use on your own sites. Sites like Flickr, Twitter, and ScrnShots offer up these APId-deOaos in JSON format which makes it really easy for us to grab and...
b2evolution is a powerful blog tool you can install on your own website.
It includes all the features of traditional blog tools, and extends them with evolved features such as file & photo management, versatile skins, multiple...
This module allows a user with the appropriate permissions to see a pagered list of all of the users on the site, with the ability to filter this list by user role. This OG administrator is then able to set the subscriptions of these users to...
|User Review for Permit own permissions