I'm struggling with a particular configuration problem.
I've got three classes of users... Ones that can work on reviews, ones that can
do anything (superusers), and ones I want to restrict to being able to muck
around with the admin/database models for changesets, diffs, and reviews.
The "Staff" setting is almost perfect for this in-between role, in that it
appears that I can set up a group that staff members belong to, and give
specific permissions to them. Notably, I can prevent them from changing
authorization config, scmtools, sites, and siteconfig. That fixes everything
under ./admin/db area, however, the staff members can still see the
./admin/settings/... URLs, and even change them.
Is there any way to block the settings (general, authentication, e-mail, ... )
from staff users? Or at least prevent them from making changes? I've been
digging around the code, and haven't figured it out.
I'm okay with making patches to my local copy, if that's what it takes.
Want to help the Review Board project? Donate today at
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to
For more options, visit this group at