Project

General

Profile

Actions

Feature #6670

open

Admin rights should not override rights given through roles

Added by Daniel Schuba about 14 years ago. Updated about 14 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Administration
Target version:
-
Start date:
2010-10-14
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

Would be nice if there were a possibility to block the admin from working in projects. In my case I use the admin only for creating users or doing other things in the administration section. But the admin user should not appear in regular project. Unfortunatly it happens that I forgett to logout and make changes to tickets with the admin account. It think the admin right should not give to possibility to make all changes. The right's given through roles should also apply to admins I think


Related issues

Related to Redmine - Feature #4427: Create a new type of role for not project specific maintenanceNew2009-12-16

Actions
Related to Redmine - Defect #8199: Unable to change the status of an issue regardless of workflowClosed2011-04-20

Actions
Related to Redmine - Defect #8625: Admin can not change issue statusClosed2011-06-16

Actions
Related to Redmine - Defect #11887: Issue permission doesn't apply to AdministratorsNew

Actions
Related to Redmine - Feature #13519: Admin should receive the field restriction from its roleNew

Actions
Related to Redmine - Feature #18114: Restricted Admin RightsNew

Actions
Actions #1

Updated by Damien Couderc about 14 years ago

If you set the administrator flag for your regular user then you should not need to log as admin.

I disagree on the fact that admin rights should be restricted ...

Actions #2

Updated by Daniel Schuba about 14 years ago

well but why should an admin have all rights in all projects, maybe he is only there to manage users or add new costum-fields and should not have the right to everything

The point is, that an admin does not need rolles, but in fact admin is also some kind of role, BUT the role of an admin does not nessarly include having all possibilities

Actions #3

Updated by Holger Just about 14 years ago

I like the admin flag how it currently is: it resembles the root user on Unix. So it has every right and can do maintenance without messing with permissions.

What you do probably want is something like a global role concept (as described in #4427). That way, you could give a user the right to just create a new user but nothing more. However, I would not want to restrict the admin users in anyway as this would be unintuitive and would hinder the workflow for most people.

Actions #4

Updated by Go MAEDA 3 months ago

  • Related to Defect #11887: Issue permission doesn't apply to Administrators added
Actions #5

Updated by Go MAEDA 3 months ago

  • Related to Feature #13519: Admin should receive the field restriction from its role added
Actions #6

Updated by Go MAEDA 3 months ago

Actions

Also available in: Atom PDF