Drupal:如何实现比正常主题和自己的主题权限更少的第二个管理员?
我目前正在尝试在 drupal 中实现第二个(较低的)管理层。我通过同名模块为这些用户创建了一个额外的部分,这样他们就可以有自己的主题等。我想在页面的部分为这些第二或较低的管理员提供一个菜单,他们可以在其中访问某些管理功能,例如管理其他用户和某些类型的内容等。我遇到的最大问题是安全不一致,例如第二个管理员可以使自己成为完整的管理员,因为我使用 drupals 自己的核心管理功能,并且无法弄清楚如何永久阻止某些内容功能但允许其他功能。在这种情况下,我想让第二个管理员能够创建和更改比他本人更低的层次结构中的用户角色,但无法更改或创建真正的管理员。这只是问题的一部分,但是,较小的问题是我无法保留第二个管理部分的主题设置,而无需复制现有的管理视图(如用户和内容的视图)并将重复项设置为我的部分下的一条路径。有什么建议吗?
I'm currently trying to realize a second (lower) admin layer in drupal. I have made an extra section via the module of the same name for those users so they can have their own theme etc. I want to give these second or lower admins a menu in their section of the page where they can access certain admin functions like administer other users, and certain types of content etc. The biggest problem I encounter is security inconsistency, e.g. the second admin could make himself a full admin because I use drupals own core admin functions and where not able to figure out how to permanently block certain features but permit others. In this case I want to make the second admin able to create and change roles of users in lower hierarchy than he himself, but not able to change to or create real admins. This is only a part of the problem however, smaller issue is that I'm not able to keep my theme set for the second admin section without having to duplicate the existing admin views (like those for users and content) and set the duplicates to a path under my section. Any suggestions?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这可能最好通过创建角色(管理员/用户/角色)然后定义该角色权限(管理员/用户/权限)来完成。然后只需创建一个属于该角色的用户(admin/user/user/create),定义一个菜单(admin/build/menu),其中包含您希望他们有权访问的链接,然后移动菜单块(admin/build/block ) 到您想要的区域,然后仅为该特定角色配置它。
没有一种简单的方法可以解决这个问题,只有大量的权限试验和错误。我建议您在一个浏览器中以 user/1 身份登录,然后以您在另一浏览器中创建的用户身份登录,并测试您设置的权限配置。
This would probably be best accomplished through creating a role (admin/user/roles) then defining that roles permissions (admin/user/permissions). Then just create a user(admin/user/user/create) belonging to that role, define a menu (admin/build/menu) with the links you want them to have access, then move the menu block (admin/build/block) to the region you want and then configure it for only that specific role.
There isn't exact an easy way to go about this, just a lot of permissions trial and error. I suggest you log in as user/1 in one browser and log in as the user you created with another browser and test the permissions config you've setup.