Forum Discussion

Boss

11 years ago

Let user without permission add a role

Hi everyone, I'm looking to let certain super users add a specific role to any user. Obviously I don't want to give them the full permission to change roles, so I was wondering if anyone has a code ...

Tim_h
11 years ago
I'll send you a PM with some details PerBonomi !

PaoloT

Lithium Alumni (Retired)

The approach suggested by nathan seems solid. You may also want to either hardcode the role to grant (in the endpoint), or if it is passed as a parameter, that the parameter is checked against a whitelist of roles that the superusers are supposed to be able of granting (just to avoid someone exploiting the endpoint to add arbitrary roles)

PerBonomi

Boss

11 years ago

Thanks guys, I think I understand the principle of how it's supposed to work now. The only way to elevate a user's permission is to use Freemarker to do a restadmin call/post, and that needs to be done with the help of a endpoint. My problem is having an actual example. Without a working example of a component and a endpoint I'm lost.

Forum Discussion

Let user without permission add a role

Related Content

permissions for the user biography based on user roles

Re: Permission descriptions

About Content permissions

API Content and User Permissions

Re: Set forum permissions

Recent Discussions

How to Contact Roadrunner: Comprehensive Guide

How to fetch all labels associated with TkbArticlePage and count how many times each label is used

In Aurora, add additional <script> and <meta> tags

Setup content filter for arabic language

24.10 API change breaks navigation