Topics

User Functions

Events

There are no upcoming events

What's New

Stories last 2 weeks

No new stories

Comments last 2 weeks

No new comments

Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Thursday, April 24 2014 @ 03:32 PM EDT


 Forum Index > General Discussions > Feedback New Topic Post Reply
 GL for a small sports club
   
1000ideen
 02/24/07 08:10AM (Read 2740 times)  
+++++
Full Member
working

Status: offline


Registered: 08/04/03
Posts: 1279
The problem:
I was thinking of how to handle a site with many users and several story editors and user admins.

Lets say it is a small sports club and there is me, the technical root admin, there is 1 chief editor (story and user admin), 5 general editors (story admins), 1 treasurer (user admin), 200 known members of the club (group-football), 2000 fans (group-fans).

A) What are the most dangerous things admins can do (accidentally)? It is less a matter of faith it is rather accounts being hacked or unexperienced admins doing wrong steps.

- Deleting topics is most dangerous as they also delete all the stories.
- Mass deleting users could be a massive problem too.

Anything else that is not repairable?

There is alsready the config variable "onlyrootfeatures". What do you think of the possible settings only root may batchdelete users or delete topics?

Would the best solution be to make user.mass.delete and topic.delete separate rights?
There is a feature request [#563] "topic.delete should be a separate right" .
http://project.geeklog.net/tracker/index.php?func=detail&aid=563&group_id=6&atid=108


Cool I noticed that user admins cannot add a user to a goup say "group-football" if they are not group admins. I don`t really want to make the user admin also group admin. Is there a chance to give user admins the right to add or delete users to groups but not be group managers? I think this is quite logical, isn`t it?


C) Unfortunately all email notifications go to the root admin. This should be routable to the various admins.

 
Profile Email Website
 Quote
jmucchiello
 02/24/07 03:30PM  
+++++
Full Member

Status: offline


Registered: 08/29/05
Posts: 985
Quote by: 1000ideen

Would the best solution be to make user.mass.delete and topic.delete separate rights?

I'm always in favor of finer grain rights.
Cool I noticed that user admins cannot add a user to a goup say "group-football" if they are not group admins. I don`t really want to make the user admin also group admin. Is there a chance to give user admins the right to add or delete users to groups but not be group managers? I think this is quite logical, isn`t it?
In this case a "group.assign" feature is probably a better method. You don't necessarily want all your user.admins assigning group membership. I would say group.edit presume group.assign or that could be configured via $_CONF. You should make a feature request for this. Others probably could use it.

C) Unfortunately all email notifications go to the root admin. This should be routable to the various admins.

I've seen this on the forums before, I think. Again, make a feature request.

 
Profile Email
 Quote
1000ideen
 02/26/07 06:08AM  
+++++
Full Member

Status: offline


Registered: 08/04/03
Posts: 1279
Thanks for your feedback.

As for me I think that the user admin should always be able to assign users to groups. That`s quite normal and daily business. Somebody signs up and has to be assigned to a group. Whereas editing a group is extremely rare and more a task that an admin does once a year.

Arrow Anyone else runing a 'big' site and thinking about possible problems or more usability? :kickcan:

 
Profile Email Website
 Quote
1000ideen
 02/27/07 06:03PM  
+++++
Full Member

Status: offline


Registered: 08/04/03
Posts: 1279
I just noticed that with xoops it is the group manager who assigns a group to a block. In Geeklog it is the block admin.

Well, if the block admin and the story admin both assign groups to either blocks or stories then the user admin should logically be able to assign groups to a user.

 
Profile Email Website
 Quote
Content generated in: 0.31 seconds
New Topic Post Reply

Normal Topic Normal Topic
Sticky Topic Sticky Topic
Locked Topic Locked Topic
New Post New Post
Sticky Topic W/ New Post Sticky Topic W/ New Post
Locked Topic W/ New Post Locked Topic W/ New Post
View Anonymous Posts 
Able to post 
Filtered HTML Allowed 
Censored Content