Limiting assignment of roles

jkreuzig's Avatar


19 Oct, 2010 11:45 PM

I put this in the Ideas Forum, but I thought it might be of interest here:

Once a user has the Manager role (global), they then can create users and groups that are assigned the Administrator role (global). This is not a very secure way of doing things, especially in a distributed environment such as ours.

It ties in with a previous suggestion that to break down role creation to "global" vs. "site":

  1. Support Staff 1 Posted by Tim on 09 Nov, 2010 08:48 PM

    Tim's Avatar

    Hi there,

    It sounds like users in your instance have READ access to the Administrator Role. Try this:

    • Log in as an Administrator
    • In the Administration area, go to Users, Groups, & Roles
    • Click Roles
    • Click on Administrator
    • While viewing the Administrator Role, click the Access tab
    • Change the ALL setting to None

    Now, the ability for Managers to create new users as Administrators should not be an option.

    Let me know if this helps.

  2. 2 Posted by jkreuzig on 09 Nov, 2010 09:10 PM

    jkreuzig's Avatar


    All I can say is DOH! I don't know why I didn't think about this. I guess I have spent to much time staring at this to see the obvious solution!



  3. jkreuzig closed this discussion on 09 Nov, 2010 09:10 PM.

Discussions are closed to public comments.
If you need help with Cascade CMS please start a new discussion.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac


26 Aug, 2016 01:19 PM
25 Aug, 2016 03:02 PM
25 Aug, 2016 12:50 PM
24 Aug, 2016 08:43 PM
24 Aug, 2016 07:20 PM
21 Aug, 2016 01:20 PM