Opened 18 years ago
Closed 18 years ago
#2809 closed defect (bug) (fixed)
Better handling of users with no role
Reported by: | markjaquith | Owned by: | markjaquith |
---|---|---|---|
Milestone: | 2.1 | Priority: | normal |
Severity: | normal | Version: | 2.0.2 |
Component: | Administration | Keywords: | has-patch 2nd-opinion |
Focuses: | Cc: |
Description
Summary
user tables can be shared across multiple blogs, but roles and permissions are allocated on a per-blog basis. We need better handling of users with no role on the current blog.
Issues
- In the user list, there is no role listed for people who don't have one. We should replace this with text such as "No role on this blog" and italicize it so that it appears different from the other role names.
- * Screenshot of issue: http://img460.imageshack.us/img460/9127/wpusernoperms6ox.png
- When you edit a user with no role on the current blog, the role dropdown list doesn't match any role, so it just uses the first one... Administrator on default setups! This means that when you edit a user via the user administration panel on a blog on which that user has no role, you have to give that user a role on the current blog, and that role will be "Administrator" if you aren't paying attention. We need to create a new entry in the dropdown list "No role on this blog" and use that for users without a role.
I'll be working on patches for these issues.
Attachments (1)
Change History (6)
#1
@
18 years ago
- Keywords has-patch 2nd-opinion added
- Owner changed from anonymous to markjaquith
- Status changed from new to assigned
Try the uploaded patch on for size. David and Owen, especially.
#3
@
18 years ago
I'd also like to split caps into create_user, delete_user, add_user, edit_user, and remove_user. That way we can have admins for each blog who can add users to and remove users from the blog and then site admins who can create and delete users.
#4
@
18 years ago
What would be the difference between create_user
and add_user
? If add_user
means adding a user to the blog who already existed in the user table, how do we determine what role they're allowed to be given? We might be getting into another situation where a certain capability can be used as god-mode, e.g., adding a user to a blog as an administrator, that has more capabilities than you have.
Handle users with no role for the current blog (/trunk)