Skip to Content.
Sympa Menu

grouper-dev - [grouper-dev] Leftover privileges

Subject: Grouper Developers Forum

List archive

[grouper-dev] Leftover privileges

Chronological Thread 
  • From: Gagné Sébastien <>
  • To: <>
  • Subject: [grouper-dev] Leftover privileges
  • Date: Tue, 12 Feb 2013 11:08:31 -0500
  • Authentication-results:; dkim=neutral (message not signed) header.i=none


I our delegated setup, admins are member of a department admin group. This group gives “create group” privileges on a folder. One problem we run into is that when a user creates a folder he automatically gets admin right with his own user account.


This will cause much problems when admins either are removed from the department or move to another one. I both cases the user will keep his admins rights on the groups he created while being an admin even though he isn’t supposed to.


I understand that a user must get admin rights on the groups he creates to be able to modify it (i.e. he created the group, surely he can manage it), but would it be possible that these privileges be based on the “source” of this “create group” privilege ?


In my case, the group “0340-admins” gives the right to create the group in the folder, not a privileges based on the user, but the admin privilege is given to the group member “lokban” that created the group. (I also create a rule which gives admin right on groups in that folder to that group so other can be admin)




Sébastien Gagné,     | Analyste en informatique

514-343-6111 x33844  | Université de Montréal,

                     | Pavillon Roger-Gaudry, local X-100-11


Archive powered by MHonArc 2.6.16.

Top of Page