• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Not a bug User 1 can see all admin sections even if the permission is off

rellect

Well-known member
#1
I've noticed that user id 1 can see all admin sections, the admin permissions does not apply.
If this is by design I think it's need a change as not always user1 need access to all sections, for example if he has a tech man that manage his site for him. In this case I don't want user1 to have access into sections where he can change something that shouldn't be changed.
 

xf_phantom

Well-known member
#2
I've noticed that user id 1 can see all admin sections, the admin permissions does not apply.
If this is by design I think it's need a change as not always user1 need access to all sections, for example if he has a tech man that manage his site for him. In this case I don't want user1 to have access into sections where he can change something that shouldn't be changed.
I bet he's still superadmin!

Check your config.php;) and remove him from the superadmins array
 

rellect

Well-known member
#4
Indeed.

A Super Administrator always has all permissions in the ACP.
I actually thought about it and tried that, but it didn't "fixed" that.
What I did was to remove the superAdmins line from the config.
But now I see that if I leave this line but set another userid, user1 indeed don't see what he shouldn't see.
 

Brogan

XenForo moderator
Staff member
#5
Yes, you need to enter the user IDs of only those users who are super admins, comma separated.

If you remove the entry altogether there will be no super admins.
 

Mike

XenForo developer
Staff member
#7
Actually, if you remove the line all together, it will use the default value which makes 1 the super admin (this can be seen in the control panel).

You can use an empty value though.
 

xf_phantom

Well-known member
#9
Actually, if you remove the line all together, it will use the default value which makes 1 the super admin (this can be seen in the control panel).

You can use an empty value though.
But wouldn't it make more sense, to change the default config array and remove the userid 1 from the default superadmins array?

Stricly speaking, if it's not in the config.php then IMO nobody should be superadmin.
This way it's IMO very confusing.



Edit: http://xenforo.com/community/threads/remove-the-superadmin-user-in-default-config.66685/
 
Last edited: