留言板

  1. 主页
  2. Development
  3. Role that can create other roles

Role that can create other roles

Jim Levois,修改在11 年前。

Role that can create other roles

New Member 帖子: 7 加入日期: 13-1-29 最近的帖子
Hi guys,

I need to create a role that can create other roles.

If I'm right, only the superAdmin can create roles. But this is my problem: I'd like to let the "site's administrator" create their own roles without borring the super administrator.
To do that, my superAdmin can create a "normal" role named "Role creation" with its "Roles" associated permissions (Portal/roles and control panel/roles). I can then assign this new role to a site administrator, so he can view and modify existing roles.

But there's 2 problems :
- this site administrator can not add a new role : the 'Add' button is not accessible
- this site administrator must not have access to the Administrator role (assign members)

Does anybody know how to do that ?
Liferay Version : 6.1.0
thumbnail
David H Nebinger,修改在11 年前。

RE: Role that can create other roles

Liferay Legend 帖子: 14915 加入日期: 06-9-2 最近的帖子
Roles are global options, there are no site-specific roles. If a site admin added a role, it would be visible to all site admins.
Jim Levois,修改在11 年前。

RE: Role that can create other roles

New Member 帖子: 7 加入日期: 13-1-29 最近的帖子
Thank you for this, interesting. So there is another minor visibility problem emoticon

But, my first problem is that my site administrator can't create roles.
Is there a way to do that ? Did I missed something ?
thumbnail
David H Nebinger,修改在11 年前。

RE: Role that can create other roles

Liferay Legend 帖子: 14915 加入日期: 06-9-2 最近的帖子
According to /html/portlet/enterprise_admin/role/toolbar.jsp, the user must have the ADD_ROLE permission in order to see the "Add Role" button.

So basically you'd need to pull up your site admin role, then go to the "Define Permissions" tab. Choose "General" from the dropdown, check the box next to "Add Role", and save.
Jim Levois,修改在11 年前。

RE: Role that can create other roles

New Member 帖子: 7 加入日期: 13-1-29 最近的帖子
Thanks a lot David !emoticon

Here we are: my site admin can now create its own roles.
By the way, he can create admin roles too, what is too dangerousemoticon. If I well understand, I can't forbid that right ?

So, is there another way to allow site admin to manage its customers pages/permission if I can't do that with roles ?

For exemple:
Team1
-------own page1
-------view page2
-------view page3
Team2
-------own page2
Team3
-------own page3

Jim++