Ticket #13387 (confirmed Bug)
Site Administrator Permissions hard to modify
Reported by: | frisi | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | 4.x |
Component: | Backend (Python) | Version: | 4.2 |
Keywords: | Cc: |
Description
if you want to take away the permission "Plone Site Setup: Mail" from the Site Administrator role you have to:
1) visit plone/manage_access 2) scroll down to "Plone Site Setup: Mail" 3) uncheck "aquire" 4) NOT FORGET to set the permission for "Manager" 5) save
all that should be necessary is
1) visit plone/manage_access 2) scroll down to "Plone Site Setup: Mail" 3) uncheck the "site administator" role 4) save
plone.app.controlpanel should not add the permissions _and_ role-mappings in permissions.zcml on zope root level but use a GS rolemap.xml.
this way all the permission settings would be set on plonesite level, not zope root.
the security tab on zope root level does not even show the "site administrator" role at all. so it's not possible to edit w/o adding the role manually first.