[TYPO3-core] Access-rights in BE-users
Stefan Neufeind
typo3.neufeind at speedpartner.de
Fri Mar 21 09:15:02 CET 2014
On 03/20/2014 11:20 PM, Christian Kuhn wrote:
> On 03/20/2014 07:59 PM, Stefan Neufeind wrote:
>> I recently got asked if there is a specific reason why BE-users alone
>> can't have access-rights (allowing them certain modules or so) assigned
>> to them but only through a BE-group. You can already assign them
>> separate mountpoints.
>>
>> Since rights are merged internally anyway (from all groups the person
>> might be member of etc.), I expect that's "just" a question of showing
>> those fields in the BE-record (TCEFORMS).
>> In contrast to FE-users the users in BE can live pretty well without a
>> BE-group. So would it make context to show those fields in BE-users as
>> well?
>
> Nah. Groups/roles are the way to go, I'd rather go the opposite way and
> deny defining special right for single users to force admins thinking
> about sane setups. From my experience, access rights granted to single
> users *always* fail sooner or later.
Okay, agreed. As discussed I'll take a look at the other way around
then: Shortening the configuration in users even further (mountpoints?)
so that everything belonging to access etc. is in one place (the
groups). Expect a review in the evening hopefully.
Kind regards,
Stefan
More information about the TYPO3-team-core
mailing list