On 08/07/2012 12:35 PM, mpat...@inforelay.com wrote:
2. In user management, clearly there is the concept of groups if evidenced only in the silliness of "accounts/admin/users/admin" before one can change the 'admin' user account's password. At the very least introduce the word "group" at the top level. I suggest renaming the 'admin' group to 'cloud admins' or 'super-users' or something that denotes their supreme rights.
This one threw me for a loop as well, then I sort of hacked my brain to understand it. This seems to have been written with a commercial hosting provider in mind, so "Account" is actually a Customer, and each Customer can have multiple users. This then immediately falls apart when you make an "Account" an administrator on the root domain, and then he can go willy nilly anywhere he wants and do anything he pleases with root privileges, not confined to an account.
Then when you figure out "Subdomains" a light goes off and you have another AH-HA moment, and create two accounts at a subdomain level, each capable of holding multiple users, one account for admin, and one account for users, but then you realize the Domain admin account is very anemic, and really gets no admin privileges delegated to him, and he has to defer most admin functions back up to a root admin.
Tis a bit broken. -- Nik
