CMS Made Simple Forums

I'm relatively new to CMSMS and was looking for a way to assign all new users to a particular group as a means of preventing new users from being created with too few or too many permissions.  I'm developing a site where the users won't really be administering the site itself but will be responsible for manging the content, so I want to put them all in a group similar to Editors, but want them to be able to create new users also in that group (but not any others).

Ideas?  Thanks!


Bret Wortman

This sounds like its pretty standard user and group management,

Either use the Editor group or make a new group ( User & Groups > Groups) Then assign the 'add new users privellage to that group.  Then just make sure any new users you add belong to that group.

Richard

The problem I have with this approach is that a user in the Editor group could log in, create a new user and assign that user to the Editor group.  But it requires two steps and is vulnerable in that the user could also promote him or herself to the Admin group and wreak all kinds of havoc on the site.

We're looking to have less-adept users managing the content while I remain responsible for all the more extreme stuff.  How can I make it so that new users end up with the right permissions (or group membership) automatically and can't promote themselves above their current group?

As a side note, it seems like a security hole that a user with less-than-admin permissions can get them with just two or three mouse clicks, doesn't it?


Bret

If you create the users, and just make sure that the users are in the appropriate (properly configured) groups, then you won't have problems.

There is no functionality in CMS to allow  people to create users only within certain groups.