[Zope-CMF] permissions/roles
Sally Owens
sowens@brookes.ac.uk
Tue, 04 Feb 2003 17:05:51 +0000
Apologies if this is something that has been covered on this list (I've
only just joined but a quick glance at the archives didn't answer my
question)...
We want to create a user role of 'Web Manager' in our CMF site and we want
this user to be able to create new users but only new users *with a
particular role* i.e. we don't want someone in a 'Web Manager' role to be
able to create a new user and assign them the role of 'Manager', but we do
want them to be able to assign the role of 'Web Editor' to a new user (the
web editor role has fairly limited permissions).
This is really a question about devolving responsibility I guess. We don't
want to have to set up every new user and assign them a role - we want web
managers to be able to set up users (for their team), but not for them to
be able to set up very powerful user roles for these users. Is there a way
of either restricting a permission (so that the permission to add a new
user could be restricted to only allow the creation of users with certain
roles) or an easy way of adding a new permission to the security tab list
(so that we could have some sort of 'create a new Web Editor user' permission)?
All advice gratefully appreciated!
Sally