[wp-trac] Re: [WordPress Trac] #2775: Ability for all users to add
users of lesser cabable roles
WordPress Trac
wp-trac at lists.automattic.com
Sat Jun 3 09:05:56 GMT 2006
#2775: Ability for all users to add users of lesser cabable roles
----------------------------+-----------------------------------------------
Id: 2775 | Status: new
Component: Administration | Modified: Sat Jun 3 09:05:56 2006
Severity: enhancement | Milestone:
Priority: normal | Version: 2.1
Owner: anonymous | Reporter: doit-cu
----------------------------+-----------------------------------------------
Comment (by markjaquith):
I know what you're saying. Basically, "edit_users" is God mode. You can
edit yourself and give yourself any other capabilities you want, or
upgrade other users to have capabilities that you didn't originally have.
The only way I see around it is to have two capabilities... edit_users and
edit_lesser_users. People with edit_lesser_users wouldn't be able to edit
their own capabilities, and would only be allowed to give other people
capabilities that they have themselves (minus edit_lesser_users, natch),
and wouldn't be allowed to edit users who have capabilities that they
don't have themselves.
The word "lesser" suggests a hierarchy, but it's a binary hierarchy...
they can only edit people whose capabilities are common to their own.
It's really more like edit_less_capable_users. It's also role-agnostic,
which is very important.
Otherwise, you have to resign yourself to the fact that anyone who can
edit users can do anything they want.
--
Ticket URL: <http://trac.wordpress.org/ticket/2775>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list