MyBB Community Forums

Full Version: More options in admin permissions.
Currently there is a limitation in Admin permissions.
Consider a forum where we appoint another user as admin and restrict him from doing some operations (like database backup, accessing plugins, etc.) through the "Admin Permissions" option.
When that person (the new admin) adds another user to the "Administrators" group, the newly added one can access all the features that are restricted to the person who added him.

To prevent a person from getting our database, we will most probably restrict that option for him when we make him an admin. But what if he makes another account, makes it an admin and accesses the database? Once he achieves what he wants (like taking a backup of the database), he can easily revert the new account to a normal user account and the super admin won't have a clue about it.

I know there is an option to restrict them from managing usergroups (so that they can't add anyone to admin group). But that won't be a good solution, as it will restrict them from managing any usergroup, even if we have a group like "VIP" which needs frequent management.
I removed my database backup option in the Admin Panel. I think it is pointless having it there when really only the owner should have access to the database, where he can back it up via phpMyAdmin. Having the database backup in the Admin Panel is one fault in MyBB, in my opinion.
Nope. It's a necessary feature, as it saves time in accessing phpMyAdmin.
The other admin lays in paranoia that I'll ban him and steal the site for myself. >_>
Though you ban him, he still has your Forum database.

What if he sells it somewhere (probably in a hacking forum)?
(2011-07-25, 03:51 PM) kavin Wrote: Though you ban him, he still has your Forum database.

What if he sells it somewhere (probably in a hacking forum)?

He doesn't understand how it all works. Also, he doesn't have the database, he just has an admin cp. I'm explaining it though... Slowly.

Go to your ACP /index.php?module=user-admin_permissions&action=group
Select the usergroup the admin is in (default: 4), and uncheck/check the rights for the group as you see fit. Just make sure the group cannot manage admin permissions (e.g. go to the "Users & Groups" tab and set "Can manage admin permissions?" to "no"). Then give yourself individual rights as needed. That way, if the other admin adds a new admin, that new account does not automatically get the full set of rights but the predefined (limited) set of the group, and only you can change it.
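
Added example (not part of linguist's post and not MyBB code): a simplified Python model of the lookup order this thread implies, where per-user settings override the group's settings and an admin group with no settings of its own falls back to the full set. The class, function, account and permission names are illustrative assumptions.

```python
# Simplified model, NOT MyBB's implementation. Assumed lookup order:
# per-user settings, then the user's group settings, then the full default set.
FULL = {"db_backup": True, "plugins": True, "manage_groups": True,
        "manage_admin_permissions": True}
LIMITED = {"db_backup": False, "plugins": False, "manage_groups": True,
           "manage_admin_permissions": False}
ADMIN_GROUP = 4  # default Administrators group id, as stated in the post above


class AdminPanel:
    def __init__(self):
        self.user_perms = {}   # account name -> individually assigned rights
        self.group_perms = {}  # group id -> rights predefined for the group
        self.members = {}      # account name -> group id

    def effective(self, user):
        if user in self.user_perms:
            return self.user_perms[user]
        group = self.members.get(user)
        if group in self.group_perms:
            return self.group_perms[group]
        return FULL if group == ADMIN_GROUP else {}

    def can(self, user, right):
        return bool(self.effective(user).get(right, False))

    def promote(self, actor, target):
        # Managing usergroups stays allowed (the "VIP" use case in the thread).
        if not self.can(actor, "manage_groups"):
            raise PermissionError(f"{actor} cannot manage usergroups")
        self.members[target] = ADMIN_GROUP


def scenario(restrict_group):
    """Return who can back up the database after 'helper' promotes an account."""
    panel = AdminPanel()
    panel.members.update(owner=ADMIN_GROUP, helper=ADMIN_GROUP)
    if restrict_group:
        # Setup from the post above: limit the group, owner gets individual rights.
        panel.group_perms[ADMIN_GROUP] = dict(LIMITED)
        panel.user_perms["owner"] = dict(FULL)
    else:
        # Setup from the first post: only the helper is restricted individually.
        panel.user_perms["helper"] = dict(LIMITED)
    panel.promote("helper", "second_account")
    return {u: panel.can(u, "db_backup")
            for u in ("owner", "helper", "second_account")}
```

With the restriction placed only on the individual admin, the promoted account inherits the unrestricted default; with the restriction placed on the group, it inherits the limited set and the owner keeps full rights through the individual assignment.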
(2011-07-25, 04:51 PM) Reku Wrote:
(2011-07-25, 03:51 PM) kavin Wrote: Though you ban him, he still has your Forum database.

What if he sells it somewhere (probably in a hacking forum)?

He doesn't understand how it all works. Also, he doesn't have the database, he just has an admin cp. I'm explaining it though... Slowly.
Hmm. When he has access to the ACP, he has access to the database as well.

(2011-07-25, 05:41 PM) linguist Wrote: Go to your ACP /index.php?module=user-admin_permissions&action=group
Select the usergroup the admin is in (default: 4), and uncheck/check the rights for the group as you see fit. Just make sure the group cannot manage admin permissions (e.g. go to the "Users & Groups" tab and set "Can manage admin permissions?" to "no"). Then give yourself individual rights as needed. That way, if the other admin adds a new admin, that new account does not automatically get the full set of rights but the predefined (limited) set of the group, and only you can change it.

Thanks linguist.
That solves it. Never thought in that way, sorry.
(2011-07-25, 02:59 PM) kavin Wrote: Nope. It's a necessary feature, as it saves time in accessing phpMyAdmin.

You serious lol? It probably would take me the same time accessing phpmyadmin to do backup.

Login to cp
click phpmyadmin
click database
export database


login to admin panel
click tools and maintenance
click database backup
then click to backup

It would not be too much different in time tbh.
(2011-07-25, 06:44 PM) pompano Wrote:
(2011-07-25, 02:59 PM) kavin Wrote: Nope. It's a necessary feature, as it saves time in accessing phpMyAdmin.

You serious lol? It probably would take me the same time accessing phpmyadmin to do backup.

Login to cp
click phpmyadmin
click database
export database


login to admin panel
click tools and maintenance
click database backup
then click to backup

It would not be too much different in time tbh.

It's like that if it's done individually.
But most of the time you will be logging into the ACP, and it's quite good to get a backup through it.
And don't forget, some hosts ask for a separate login for phpMyAdmin too. So, it makes an extra step.