Is there a way with this module to allow that permission? For example, someone who is role "Creator" can create another user but only of role "Createe"?

Thanks

Comments

salvis’s picture

salvis
he/his
CreditAttribution: salvis commented
Status: Active » Fixed

RoleAssign could allow Creator to assign the role Createe, but this is not done automatically.

Rules probably allows you to do that.

Creator will need the 'administer users' permission, which is quite powerful! But RoleAssign will at least allow you to limit Creator's power.

RKS’s picture

RKS CreditAttribution: RKS commented
Title: Can you allow a user of role A to create users only of role B? » Is it a desired function of this module to allow other roles the ability to edit user 1?
Status: Fixed » Active

So no one can assign any user another role unless they have administer users? Have you accounted for the ability of users to block/alter UID1? If they cannot assign a role without being able to alter the superuser I can't imagine how useful this module is supposed to be.

I've installed your module and in all my tests the role is allowed to edit UID1. They can't delete or change the password but they can block, change the photo, change the fields, etc.

salvis’s picture

salvis
he/his
CreditAttribution: salvis commented

The essential thing is that they can't change the password or the email address of user 1 (or any user with the 'administer users' permission).

Changing any of the other fields doesn't lead anywhere except making user 1 mad, so, no sane person will do that. And if you have an insane user with privileges on your site, then you want to know about it...

I would prefer if you opened a new issue for a new issue, so that we can close one when it's done, and so that other users may be able to find it when they have a similar question as your original post. It saves me (hopefully) from having to answer the same question over and over again.

RKS’s picture

RKS CreditAttribution: RKS commented
Title: Is it a desired function of this module to allow other roles the ability to edit user 1? » Can you allow a user of role A to create users only of role B?
Status: Active » Closed (works as designed)

True. It is easier to track and I should have started a new issue. I will do just that for whatelse I found.

Also, I never commented on the previous issue to help other users who might have been wondering about the first issue.

I did test the module. It does allow you to assign Administer Users to one role and allow that role to only create or assign one other role that the administer has allowed them to do. So to answer the first issue I raised, yes, this module allows you to do that.

So I'm changing the title to reflect the first issue again and marking this as works as designed since according to the first issue raised this is a true statement. Thanks.