Menu
▾
▴
Re: [Bodington-developers] Testing SP : groups-xml-mapper-policy
|
From: Matthew B. <mat...@ou...> - 2006-06-29 14:18:01
|
Alistair Young wrote: > yep, you're correct. So the sysadmins group has the same rights as > the allusers group! What's it for then? Sysadmin has less rights than allusers. allusers has see and view at /site > Is it the case that the user "sysadmin" has rights to everything but > the sysadmins group is basically meaningless? Yep. > Logging in as "sysadmin" lets you see all resources but no-one > specifically granted access to the user who logs in as "sysadmin". > Being added to the sysadmins group gets you access to nothing that > isn't public. Yep. the sysadmin group is worthless until it is granted some permissions to a resource. > To get sysadmin access to a resource you have to be in that > resource's owners group. So is the user who logs in as "sysadmin" a > member of every group on the system? Create a new group and > "sysadmin" gets added automatically? No. Sysadmin is only a member of some owners groups and some of the special groups by default. To get sysadmin rights to a resource you have to have the sysadmin permission over that resource (sysadmin is automatically inherited even if inherit is unchecked). As an example you *COULD* grant the allusers group sysadmin rights to /site and then every user would have sysadmin rights to the whole site. -- -- Matthew Buckett, VLE Developer -- Learning Technologies Group, Oxford University Computing Services -- Tel: +44 (0)1865 283660 http://www.oucs.ox.ac.uk/ltg/ |
