Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 12:33 pm EDT

Geeklog Forums

GL for a small sports club


Status: offline

1000ideen

Forum User
Full Member
Registered: 08/04/03
Posts: 1298
working
The problem:
I was thinking of how to handle a site with many users and several story editors and user admins.

Lets say it is a small sports club and there is me, the technical root admin, there is 1 chief editor (story and user admin), 5 general editors (story admins), 1 treasurer (user admin), 200 known members of the club (group-football), 2000 fans (group-fans).

A) What are the most dangerous things admins can do (accidentally)? It is less a matter of faith it is rather accounts being hacked or unexperienced admins doing wrong steps.

- Deleting topics is most dangerous as they also delete all the stories.
- Mass deleting users could be a massive problem too.

Anything else that is not repairable?

There is alsready the config variable "onlyrootfeatures". What do you think of the possible settings only root may batchdelete users or delete topics?

Would the best solution be to make user.mass.delete and topic.delete separate rights?
There is a feature request [#563] "topic.delete should be a separate right" .
http://project.geeklog.net/tracker/index.php?func=detail&aid=563&group_id=6&atid=108


Cool I noticed that user admins cannot add a user to a goup say "group-football" if they are not group admins. I don`t really want to make the user admin also group admin. Is there a chance to give user admins the right to add or delete users to groups but not be group managers? I think this is quite logical, isn`t it?


C) Unfortunately all email notifications go to the root admin. This should be routable to the various admins.
 Quote

Status: offline

jmucchiello

Forum User
Full Member
Registered: 08/29/05
Posts: 985
Quote by: 1000ideen

Would the best solution be to make user.mass.delete and topic.delete separate rights?

I'm always in favor of finer grain rights.
Cool I noticed that user admins cannot add a user to a goup say "group-football" if they are not group admins. I don`t really want to make the user admin also group admin. Is there a chance to give user admins the right to add or delete users to groups but not be group managers? I think this is quite logical, isn`t it?
In this case a "group.assign" feature is probably a better method. You don't necessarily want all your user.admins assigning group membership. I would say group.edit presume group.assign or that could be configured via $_CONF. You should make a feature request for this. Others probably could use it.

C) Unfortunately all email notifications go to the root admin. This should be routable to the various admins.

I've seen this on the forums before, I think. Again, make a feature request.
 Quote

Status: offline

1000ideen

Forum User
Full Member
Registered: 08/04/03
Posts: 1298
Thanks for your feedback.

As for me I think that the user admin should always be able to assign users to groups. That`s quite normal and daily business. Somebody signs up and has to be assigned to a group. Whereas editing a group is extremely rare and more a task that an admin does once a year.

Arrow Anyone else runing a 'big' site and thinking about possible problems or more usability? :kickcan:
 Quote

Status: offline

1000ideen

Forum User
Full Member
Registered: 08/04/03
Posts: 1298
I just noticed that with xoops it is the group manager who assigns a group to a block. In Geeklog it is the block admin.

Well, if the block admin and the story admin both assign groups to either blocks or stories then the user admin should logically be able to assign groups to a user.
 Quote

All times are EDT. The time is now 12:33 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content