Not a bug User 1 can see all admin sections even if the permission is off

R

refael

Well-known member
I've noticed that user id 1 can see all admin sections, the admin permissions does not apply.
If this is by design I think it's need a change as not always user1 need access to all sections, for example if he has a tech man that manage his site for him. In this case I don't want user1 to have access into sections where he can change something that shouldn't be changed.
 
rellect said:
I've noticed that user id 1 can see all admin sections, the admin permissions does not apply.
If this is by design I think it's need a change as not always user1 need access to all sections, for example if he has a tech man that manage his site for him. In this case I don't want user1 to have access into sections where he can change something that shouldn't be changed.
Click to expand...
I bet he's still superadmin!

Check your config.php;) and remove him from the superadmins array
 
Brogan said:
Indeed.

A Super Administrator always has all permissions in the ACP.
Click to expand...
I actually thought about it and tried that, but it didn't "fixed" that.
What I did was to remove the superAdmins line from the config.
But now I see that if I leave this line but set another userid, user1 indeed don't see what he shouldn't see.
 
Yes, you need to enter the user IDs of only those users who are super admins, comma separated.

If you remove the entry altogether there will be no super admins.
 
Actually, if you remove the line all together, it will use the default value which makes 1 the super admin (this can be seen in the control panel).

You can use an empty value though.
 
Mike said:
Actually, if you remove the line all together, it will use the default value which makes 1 the super admin (this can be seen in the control panel).

You can use an empty value though.
Click to expand...
But wouldn't it make more sense, to change the default config array and remove the userid 1 from the default superadmins array?

Stricly speaking, if it's not in the config.php then IMO nobody should be superadmin.
This way it's IMO very confusing.



Edit: http://xenforo.com/community/threads/remove-the-superadmin-user-in-default-config.66685/
 
Last edited:

Similar threads

M
XF 1 Users can delete email
Replies
0
Views
308
matyprot
M
E
  • Question Question
XF 2.2 How to make all registered users reply like unregistered w/ reply permissions?
Replies
10
Views
352
EchoRomeo
E
R
Permission for admin to react on moderated posts.
Replies
0
Views
219
Robert9
R
C
Improving the 'feel' and access of our forum
2
Replies
37
Views
1K
ChrisArthur7769
C
A
Setting threads to "private"
2
Replies
33
Views
1K
Alvin63
A
Top Bottom