AW: [opencms-dev] user rights module access

Thu Feb 6 17:42:50 CET 2003

Hi Michael,

Another way around this would be to change the isVisible property method 
on all administration modules and have it point to a method that 
determines if the user is the real "Admin" and not just in the Admin group.

Michael Emmerich wrote:

>Hello Jorg,
>
>this is correct, you must be a member of the Admistrator group to edit or
>create new CmsUsers. Its implemented this way since all CmsUsers created in
>the
>user adminstation will be able to log in the OpenCms workplace with their
>account.
>
>The only kind of user that can be created by others than the adminstrator
>group are the WebUsers, which will be used if you want to build a site
>with user logins or personalization on the frontend. WebUsers cannot log in
>the OpenCms workplace and are not shown in the user adminstration, you
>will have to write your own backoffice module for them. 
>
>Regards,
>Michael Emmerich
>
>OpenCms Professional Services
>Framfab Deutschland AG
>http://www.framfab.de
>http://opencms.framfab.de
>
>
>
>-----Ursprüngliche Nachricht-----
>Von: Jorg Heymans [mailto:jh at coeno.com]
>Gesendet: Donnerstag, 6. Februar 2003 16:41
>An: opencms-dev at www.opencms.org
>Betreff: Re: [opencms-dev] user rights module access
>
>
>Hi,
>I have found the following code for saving a user in 
>CmsResourceBroker.java :
>
>        if( isAdmin(currentUser, currentProject) || 
>(currentUser.equals(user)) ) {
>
>            // prevent the admin to be set disabled!
>            if( isAdmin(user, currentProject) ) {
>                user.setEnabled();
>            }
>            m_dbAccess.writeUser(user);
>            // update the cache
>            clearUserCache(user);
>            m_userCache.put(user.getName()+user.getType(),user);
>        } else {
>            throw new CmsException("[" + this.getClass().getName() + "] 
>" + user.getName(),
>                CmsException.C_NO_ACCESS);
>        }
>
>
>This to me looks like that unless you're member of the admin group, 
>there is no way you can create/edit/delete users.
>Can anyone confirm this observation ?
>
>Regards
>Jorg Heymans
>
>Jorg Heymans wrote:
>
>  
>
>>Hi,
>>
>>Is there any way to make the opencms User mgmt module available to 
>>non-Admin users (opencms 4.7.7)
>>I have tried setting the permissions on folder 
>>/system/workplace/administration/user to rwvrwvrwv- (including all 
>>subfolders and files). The effect was that a normal user was able to 
>>see the user mgmt module now, however was unable to save any 
>>modifications made to a user. (getting a CmsException "Access denied").
>>
>>How can I enable this without adding one of our users to the Admin 
>>group ?
>>
>>Thanks
>>Jorg Heymans
>>
>>
>>    
>>
>
>  
>