Hi, I hit a problem with user permissions within the Django admin area. The other day I gave a user add/edit/delete permissions to the user object so that they could manage staff access on the websites. However, in doing this that particular user is now able to create other users with greater permissions than himself, even promoting others to superuser status. Furthermore that user could also turn himself super by editing his own profile. Is this a known problem? Is there a way to work around it? Or is there a planned fix. I running off SVN.
Thanks. -- -- Ca-Phun Ung --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
