Grouper Developers Forum

[Chris Hyzer <>]

If you want the entity who created the group to not get admin on group create, might be able to do that with a rule, I can check if you like.  If not, a hook.  Is it only for groups in a certain folder?

 

If you want the admin privilege to be based on the source of create group, this can be done with the hook.  Let me know if you need help.

 

Thanks,

Chris

 

From: [mailto:] On Behalf Of Gagné Sébastien
Sent: Tuesday, February 12, 2013 11:09 AM
To:
Subject: [grouper-dev] Leftover privileges

 

Hi,

I our delegated setup, admins are member of a department admin group. This group gives “create group” privileges on a folder. One problem we run into is that when a user creates a folder he automatically gets admin right with his own user account.

 

This will cause much problems when admins either are removed from the department or move to another one. I both cases the user will keep his admins rights on the groups he created while being an admin even though he isn’t supposed to.

 

I understand that a user must get admin rights on the groups he creates to be able to modify it (i.e. he created the group, surely he can manage it), but would it be possible that these privileges be based on the “source” of this “create group” privilege ?

 

In my case, the group “0340-admins” gives the right to create the group in the folder, not a privileges based on the user, but the admin privilege is given to the group member “lokban” that created the group. (I also create a rule which gives admin right on groups in that folder to that group so other can be admin)

 

 

 

Sébastien Gagné,     | Analyste en informatique

514-343-6111 x33844  | Université de Montréal,

                     | Pavillon Roger-Gaudry, local X-100-11