Hi,
there is the possibility to create an administrator user (with the ability to manage users in creation and editing), but inhibit all other features as administrator as:
System, Email, Developer Tools, Google Maps, Advanced OpenAdmin, Bugs, and other installed plugin entries.
What about going the other way around - making a user that is not and admin, but who can manage users? Have you tried creating such a role in Security Settings?
I don’t know if it will work, but it’s worth a try. Even if you need to add some bit of customization to get that working, it’s still going to be simpler than customizing all the other parts of the code where admin access is allowed and you would need to prevent it, in your original plan.
Hi,
I had already tried the proposed solution, but if I set the user as a normal user, in the roles I can not change the parameters for Users.
What do you mean, “Security Settings”?
Sorry, I simply meant SecuritySuite, the whole Roles/Groups scheme.
Maybe it’s only the UI that keeps you from giving access. You could try having a look at the database to see how the Roles are stored there, and give access to the Users module to this new role, even if the UI doesn’t show it.
I’ve looked at the acl_* tables, it’s not easy to interpret them but it seems that in the table acl_roles_actions, which links the role to the action, there is an access override field, which has values -99, 75 or 0… it seems to be the encoding found in the select values by inspecting the html in the role management… for example Owner -> 75, --none – -> -99 etc…
In theory you should be able to forcefully act on these tables… I’ll do some tests
I think it is more difficult than it seems because you have to insert new records in the acl_roles_actions table to assign the value 90 to the access_override field by tying the id of the desired role with the desired action on users. The problem is that the record id is not self-generated and I don’t know how to generate a new one.