Super Admin your Admin, secondary lite version admin page

    • 154 posts
    August 7, 2017 10:59 AM EDT

    I did raise a github, and moving here as this seems the place for feature requests.
    https://github.com/SocialEngine/phpv4-feature-requests/issues/123

    Soooo I am superadmin of my site, and I want other admins on the site but with less access but still have access to a lite version of the admin area.

    I dont want them seeing every users email addresses, I dont want them seeing the plugins, i dont want them to have access to theme options or layout, I dont want them seeing the licence number etc, I dont want them to have access to options that could change and mess up the storage.

    esp if a community gets good and staff are hired, only matter time before they export data or mess it up.

    Can this be done?

  • gs
    • 857 posts
    August 7, 2017 12:37 PM EDT

    Great idea (which I literally wrote in the github post).

    IMHO, it seems much of SE thinking seems to be focused on small communities (I'll mention here that I'm still in development so I am not a large community ...yet

    Although so much of the functionality of SE (and Plugins) is based on MLs, this was never built-in to ADMINcp.  If SE is expecting only 1 ADMIN (or a few very trusted ADMINs) then what we have sortof works.  But I simply believe in security (sometimes even protecting myself from myself through using different ADMIN levels for different purposes (so I don't accidentally make big mistakes when I'm rushing things); I've often used this in Accounting and Manufacturing systems - so when I put on a certain hat I login as that ADMIN so I can't make changes to settings I'm not thinking about right now - it also helps me see what can be done by different ADMIN levels).

    Anyway, I think this would be very beneficial to some ADMINs, especially if it was REQUIRED that 3rd-Party Plugins adhere to this.  IMHO SE has to begin doing more to require and enforce more things with 3rd-Party Devs. 

    I also recommended in another FR about providing a separate Advanced ADMINcp which those who need it could pay for.  Maybe this is one of the fuctions that could be included there.  The point is some of us (well, hopefully some day I'll be one of 'us') require more than simple functionality, just like there's basic accounting software all the way up to high-end platforms. 

    • 71 posts
    August 8, 2017 9:10 AM EDT

    @Daniel, we had exactly the same problem when working on a custom project. Our solution for that is Moderator Toolbox

     

    The idea was to create a special page for Moderators, where they have limited access only to things they need:

    1. User search (including by IP)

    2. Banning users (including for the period of time)

    3. Adding notes for users visible by other moderators

    4. Browse reports from users

    5. Messages activity (plus an option to see x most recent messages) as a way to detect spammers

    6. Log of moderators activity (to catch if somebody is abusing the moderation power)

    • 154 posts
    August 8, 2017 12:20 PM EDT

    @eugene looks great.

    but not quiet what I was getting at.

    Saying that tho, I technically could make my own moderator dashboard with links to certain links in admin

    such as domain.com/admin/message/mail

    Using your Access Manager plugin that I have?

    I can just block moderators from certain aspects of the admin area, but make my own html dashboard.


    Why didnt I think of that!

    Only thing I couldnt hide tho would be the menus showing all plugins used etc

    Saying the Eugene, did you ever fix the issue that I emailed about regards to access manager, as pages can still be accessed if the use / or ? at the end of a banned page


    This post was edited by Daniel at August 8, 2017 12:21 PM EDT
    • 71 posts
    August 8, 2017 1:15 PM EDT

    Saying that tho, I technically could make my own moderator dashboard with links to certain links in admin

    That won't solve the problem with permissions. Regular users or moderators will still have no way to ban another person or check the report. And if you open that part of admin panel for them you will need to do pretty much the same work as we have done. But in this case modifications will be done in the SE core.

    Using your Access Manager plugin that I have?

    It's good for viewing permissions, but not for functionality restrictions. IT might be used, but again, customizations will be required.

     

    I can just block moderators from certain aspects of the admin area, but make my own html dashboard.

    Can moderators access the admin panel in the new SE version? (or are you talking about admins vs superadmins?)

    Saying the Eugene, did you ever fix the issue that I emailed about regards to access manager, as pages can still be accessed if the use / or ? at the end of a banned page

    I think I have emailed you about it quite some time ago. Please PM me if you have not received that emails. There was a change for rules in one of the upgrades (blocking all section vs using * for the mask), so existing rules should be revised.