[opencms-dev] User Role for Newsletter Module

Konstantin Ott kott at abc-digital.com
Thu May 29 12:20:57 CEST 2008 

Hi,
well this is right and works well. The problem was, that it is not 
possible to create a Newsletter Unit in a subunit from the root Unit. A 
newsletter Unit always has root Unit as direct parent Unit, even if you 
create it in a subunit. Also it isnt possible to create a user with 
Account Manager role in the newsletter Unit. So it wasn't possible to 
have a Account Manager in the parent Unit of the newsletter unit that 
wasnt the root Unit.
But we found a way out:

1. Create a subunit with a new Account Manager
2. Create a newsletter unit
3. Move the newsletter unit in the VFS path /system/orgunits into the 
directory of the subunit created in 1)
Now the newsletter unit is a subunit of the subunit.

Bozidar Ilievski schrieb:
> Hi.
>
> I don't see what is the problem here.
>
> User having "Account Manager" role, can manage users in his 
> Organizational Unit and any sub Organizational Unit.
> He will NOT be able to edit users in the parent OUs.
>
> So, you only need to create this "newsletter manager" in a OU different 
> than the "root organizational unit".
>
> Regards,
> Bobi.
>
> Konstantin Ott wrote:
>   
>> Hi List,
>> did anything happen due to this mail from Christian Hellinger?
>> We are running into the same question...
>> regards
>> Konstantin Ott
>>
>> Christian Hellinger schrieb:
>>     
>>> Hello,
>>>
>>> we are using the Newsletter Module 1.0.0 in an OpenCms 7.0.3 installation 
>>> on a WAS 6.1 Express
>>>
>>> It's described in the manual of the newsletter module, that the "Account 
>>> manager" role is required to sent newsletters.
>>>
>>> My question is: How can I prevent a "newsletter manager" from changing 
>>> i.e. the password of the "Admin" account (what would mean that this user 
>>> could lock me, the admin, out of the system)? It seems that an Account 
>>> Manager is able to manage all users below _and_ above his current OU! 
>>>
>>> So, even if I create an Admin account in an OU parallel to the OU used by 
>>> this user, he could create an account in the root unit and disable my 
>>> account with this new account.
>>>
>>> Was this behaviour described above intended? Is there a way of restricting 
>>> the access of the Account Manager? If not, it seems to me that this is a 
>>> possible security risk.
>>>
>>>
>>> Best regards
>>>
>>> Christian Hellinger
>>>
>>> PS: I also found, that I can't add roles to users in the newsletter ou 
>>> directly, btw.
>>>
>>> --------------------------------------
>>>
>>> DREGER INFORMATION TECHNOLOGY
>>>
>>> J&J DREGER Consulting GmbH & Co. KG
>>> Carl-Benz-Str. 35
>>> D - 60386 Frankfurt am Main, Germany
>>>
>>> Phone :    +49-69-90479-0
>>> Fax   :    +49-69-90479-479
>>>
>>> Email :    christian.hellinger at dreger.de
>>> WWW   :    http://www.dreger.de
>>>
>>> --------------------------------------
>>>
>>> Consulting & Solutions: http://www.d-business.de
>>> Mobile Solutions Competence Center: http://www.d-business.de/mscc
>>>
>>> Business Development: http://www.1j1.com
>>> --------------------------------------
>>> Sitz / Registergericht: Frankfurt am Main / Amtsgericht Frankfurt am Main
>>> Registernummer: HRA 42705
>>> Geschaeftsfuehrer: Jens Dreger, Joerg Dreger
>>> USt.ID: DE244892265
>>> --------------------------------------
>>> Komplementaer-GmbH: J&J DREGER Verwaltungs GmbH, Carl-Benz-Str. 35, 60386 Frankfurt am Main
>>> Sitz / Registergericht: Frankfurt am Main / Amtsgericht Frankfurt am Main
>>> Registernummer: HRB 73891
>>> Geschaeftsfuehrer: Jens Dreger, Joerg Dreger
>>> --------------------------------------
>>> Diese E-Mail inklusive aller Anhaenge koennte vertrauliche und/oder rechtlich geschuetzte Informationen 
>>> enthalten. Wenn Sie nicht der beabsichtigte Adressat sind, der diese E-Mail irrtuemlich erhalten hat, 
>>> informieren Sie bitte sofort den Absender und vernichten Sie alle Kopien dieser E-Mail von Ihrem System. 
>>> Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet.
>>>
>>> This e-mail and any attachment (both hereinafter called as e-mail)  may contain confidential and/or privileged 
>>> information. If you are not the intended recipient or have received this e-mail in error please notify the sender 
>>> immediately and destroy all copies of this e-mail from your system. Any unauthorised copying, disclosure or 
>>> distribution of the material in this e-mail is strictly forbidden.
>>>
>>>
>>> _______________________________________________
>>> This mail is sent to you from the opencms-dev mailing list
>>> To change your list options, or to unsubscribe from the list, please visit
>>> http://lists.opencms.org/mailman/listinfo/opencms-dev
>>>
>>>   
>>>       
>>     
>
>   


-- 
Mit besten Grüssen / with best regards


Konstantin Ott
abc Neue Medien | Systementwickler
___________________________________________


Albert Bauer KG

Conventstr. 1-3

22089 Hamburg | Germany

Phone: +49 40 25109-224

Fax: +49 40 25109-121

mailto:kott at abc-digital.com 

http://www.abc-digital.com

____________________________________________

Albert Bauer KG (GmbH & Co.)
P.H.G. Reproduktionsgesellschaft Conventhaus mbH
Sitz der Gesellschaft: Hamburg
Handelsregister: Amtsgericht Hamburg HRB 11120
Geschäftsführer: Harald Dau, Carsten Dau, Rolf Gehrke, Marcus Müller

More information about the opencms-dev mailing list