0
geertveenstra created
Hi,
I have some users that can create other users (and assign roles to them), but I want to prevent those users to assign the Admin role to others (or themselves). Is this possible ? If not, maybe some hints about how I would go about preventing that ?
Optimally the roles should have some hierarchy where a user with a specific role can only assign roles lower than their own role ?
Geert Veenstra
2 Answer(s)
-
0
hi
I think you can restrict some conditions in the application service method of assigning roles.
-
1
Make sure the Admin role is not the default role assigned to newly created users.
Have an answer to this question?
Log in
and write your answer.