User role permissions

e9li · August 26, 2020, 5:21pm

In my project I have three roles, admin, manager and editor. The admin of course can edit and all users. The manager should be able to add new editors and edit them. I have the following blueprint for the manager

permissions:
    access:
        panel: true
        site: true
        settings: false
        users: true
    users:
        changeRole: false
        delete: false

With this blueprint the manager can also edit the administrators password and email. This of course should not be possible. How can I prevent the other roles to edit user(s) with admin role?

ahmetbora · August 26, 2020, 6:03pm

As far as I know there is no such restriction feature. There is an idea about that:

But I think you can do what you want with hooks:

e9li · August 26, 2020, 6:23pm

Thank you for the fast reply and tipps. I will have a look into hooks, always good dive into something new
But still, I think the possibility to prevent users to change an admin should be a default feature.

Topic		Replies	Views
User create / edit / remove restriction for a user role Questions	5	63	October 3, 2024
Editor role has access to admin role Questions v2	8	621	February 6, 2025
Cannot edit User roles even if the permissions allow it Questions v4	4	33	September 16, 2024
Is it possible to define wich role can creat useres with which roles? Questions v3	3	467	April 2, 2020
User and Users permissions Questions	4	35	August 3, 2024

User role permissions

Related topics