This is the community forum. For a developer response use the Client Area.
Follow us on Facebook, Twitter and YouTube!

OK, I found something that shouldn't happen, but it does.

I'm the web master for a local cab company website, and the company owner wanted me to add him to the admin list so that he could keep an eye on user activity and to approve any comments, etc etc, which I did, but unchecked the 'Super' box, so that he is only just a normal admin, whereas I'm the super admin as the account that was first setup, I sent him all the details of how to change his password, but now found out he deleted me from the list because he was able to set himself as a super admin, but being I have sole access to the hosting company to maintain the website, I have 2 options, either rename the commentics folder, or wipe it off the site.

There should only be one super admin account, and that is the account that gets created when commentics is first installed, and any other admins are just admins and have no access to delete or remove other admins, they can request the super admin to delete them if needed or the normal admin can disabled themselves, thus logging themselves out and preventing further logins, but they should NOT have the ability to give themselves super admin access with powers to delete other admins including super ones, and that's how this person deleted me.

Thanks for your feedback. Currently the only difference between a super admin and a regular admin is that the super admin is notified by email when there's a new version of Commentics. This is described in the help page if you click the 'Get help for this page' link when adding/editing an admin. I appreciate not many people click that though, especially given that a lot of the help pages don't exist yet.

At the moment, if you want to stop another admin from deleting your account, you would have to use the 'Restrict Pages' setting to restrict it so that they can't modify the 'Manage -> Admins' pages.

I've just looked up what the typical role of a super admin is and you're right to expect it to work the way that you've described, so I'll change how this works in the next version. With your way I guess there wouldn't even be any need for a super admin setting? I think it would be good if a super admin can make another admin a super admin. Then there would just need to be some logic to make sure a super admin can't lower their status to a regular admin if they're the only super admin.

If you have access to the database you could regain control by resetting the password of their account:

Have you completed the interview?

Thanks for replying, and yes I have complete control over every aspect of the website (ftp, telnet via SSH, MyPHPAdmin, and the KVM), he only had control over the admin area of the comments section.

Forum Jump:

Users browsing this thread: 1 Guest(s)