Not a bug User 1 can see all admin sections even if the permission is off

R

refael

Well-known member
I've noticed that user id 1 can see all admin sections, the admin permissions does not apply.
If this is by design I think it's need a change as not always user1 need access to all sections, for example if he has a tech man that manage his site for him. In this case I don't want user1 to have access into sections where he can change something that shouldn't be changed.
 
rellect said:
I've noticed that user id 1 can see all admin sections, the admin permissions does not apply.
If this is by design I think it's need a change as not always user1 need access to all sections, for example if he has a tech man that manage his site for him. In this case I don't want user1 to have access into sections where he can change something that shouldn't be changed.
Click to expand...
I bet he's still superadmin!

Check your config.php;) and remove him from the superadmins array
 
Brogan said:
Indeed.

A Super Administrator always has all permissions in the ACP.
Click to expand...
I actually thought about it and tried that, but it didn't "fixed" that.
What I did was to remove the superAdmins line from the config.
But now I see that if I leave this line but set another userid, user1 indeed don't see what he shouldn't see.
 
Yes, you need to enter the user IDs of only those users who are super admins, comma separated.

If you remove the entry altogether there will be no super admins.
 
Actually, if you remove the line all together, it will use the default value which makes 1 the super admin (this can be seen in the control panel).

You can use an empty value though.
 
Mike said:
Actually, if you remove the line all together, it will use the default value which makes 1 the super admin (this can be seen in the control panel).

You can use an empty value though.
Click to expand...
But wouldn't it make more sense, to change the default config array and remove the userid 1 from the default superadmins array?

Stricly speaking, if it's not in the config.php then IMO nobody should be superadmin.
This way it's IMO very confusing.



Edit: http://xenforo.com/community/threads/remove-the-superadmin-user-in-default-config.66685/
 
Last edited:

Similar threads

spirogg
  • Question Question
XF 2.2 Is there a way to get all admin section settings from 1 file ?
Replies
1
Views
453
Paul B
P
Back
Top Bottom