- ASPNET Zero 8.5.0.0
- MVC
- NET Core
This is a multitenant application. I login as Host and then go to a Tenant and select a User to login as (User A). User A has a Role that allows for adding Users but not Roles. As User A role I can see all the Users in the User Grid. As User A I can click the Active button and select someone who is and Admin with higher levels of Permissions than I have and click Login as this User Admin B. Now I have full Admin permissions and see the Roles link which I did not have access to as User A. Then of course I can create new Roles and even extend User A's Permissions. In theory I should not be able to login as Admin B. Is that handled through the Login for Users permission? (the documentation doesn't explain what every checkbox does)
Rick
1 Answer(s)
-
0
Hi @outdoored
Is that handled through the Login for Users permission?
Yes, you can revoke this permission if you want.
