API: Prevent from locking yourself out of admin group #736
Comments
Good thinking.
If someone has permissions and technical knowledge to fiddle around with the API, shouldn't we let them do stuff like this? Most admins are probably going to have access to set themselves back to the admin group through MySQL if they goof. Just a thought.
Having access as an admin to the API doesn't mean you'll have access to the MySQL database. A good example is the Flarum.com hosting service: if someone were to unset themselves as admin via the API, the only way to reverse it would be for them to contact support. Not ideal.
Should this be the case for all admins or only the root admin (a.k.a. the first user to be created)?
So... only disable this for the very last admin?
Admins (root or not) should not be able to demote themselves. Non-root admins should not be able to demote the root admin.
Ehh, I'm okay with that design choice for Flarum.com, but not for self-hosted solutions. I had a situation on a site where the root admin/user #1 was someone who set up the site for us, and we took it over after a time. He later became a troublesome user and had to be banned. Without the ability to demote him as the root user, the site would have been destroyed. I think I'm going back to my original stance for self-hosted solutions: if the user has access to the API they should be able to make any changes. Flarum.com may need to diverge in this instance for their setup, and that's okay. But when we hand over the keys to the software to our users, we can't keep the master for ourselves.
Some good points there. Will keep thinking about this.
This is how Slack manages teams: in a sense, there are 'Super Admins' which can demote other Admins and Mods, but then who has access to demote Super Admins?
Hey,
just a little improvement idea for the API.
You cannot remove the Admin group from yourself using the website, but you can by using the API.
So you can lock yourself out of your Flarum instance.
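The guard this thread is asking for, written out as an added Python example. It is not Flarum's code (Flarum is PHP and identifies the admin group by id); the group name `admin`, the `User` and `Policy` classes, the `Forbidden` exception and root user id 1 are assumptions for illustration. The security point is that the check lives in the server-side API handler, which the website itself calls, so a restriction enforced only in the web UI cannot be bypassed by calling the API directly. The `Policy` flags cover the three options raised in the comments: block self-demotion, protect the root admin, or only refuse to remove the last remaining admin (the self-hosted stance).

```python
from dataclasses import dataclass, field

# Assumed group name; Flarum's real admin group is addressed by a numeric id.
ADMIN_GROUP = "admin"


class Forbidden(Exception):
    """Raised when a group change must be rejected by the API."""


@dataclass
class User:
    id: int
    groups: set = field(default_factory=set)

    def is_admin(self) -> bool:
        return ADMIN_GROUP in self.groups


@dataclass
class Policy:
    # The options debated in the thread; each is independently switchable.
    block_self_demotion: bool = True   # no admin may remove admin from themselves
    protect_root: bool = True          # user #1 may only be demoted by user #1
    keep_last_admin: bool = True       # never leave the instance with zero admins
    root_user_id: int = 1              # assumption: first user created is root


def check_group_change(actor: User, target: User, new_groups, all_users, policy: Policy) -> set:
    """Server-side guard run by the API *before* a group change is persisted.

    Returns the group set to store if the change is permitted, otherwise
    raises Forbidden. Both the web UI and direct API clients go through this
    one function, so there is no UI-only restriction to bypass.
    """
    if not actor.is_admin():
        raise Forbidden("only administrators may change group membership")

    losing_admin = target.is_admin() and ADMIN_GROUP not in new_groups
    if not losing_admin:
        # Adding groups or changing non-admin groups is always fine for an admin.
        return set(new_groups)

    if policy.block_self_demotion and actor.id == target.id:
        raise Forbidden("administrators may not remove themselves from the admin group")

    if (policy.protect_root and target.id == policy.root_user_id
            and actor.id != policy.root_user_id):
        raise Forbidden("only the root administrator may demote the root administrator")

    if policy.keep_last_admin:
        remaining = [u for u in all_users if u.is_admin() and u.id != target.id]
        if not remaining:
            raise Forbidden("cannot remove the last administrator from the instance")

    return set(new_groups)


def allowed(actor: User, target: User, new_groups, all_users, policy: Policy) -> bool:
    """Boolean convenience wrapper: True if the change would be accepted."""
    try:
        check_group_change(actor, target, new_groups, all_users, policy)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    # Constructed sample data: a root admin, a second admin and a plain member.
    root, alice, bob = User(1, {ADMIN_GROUP}), User(2, {ADMIN_GROUP}), User(3, set())
    users = [root, alice, bob]
    hosted = Policy()                                   # Flarum.com-style rules
    self_hosted = Policy(block_self_demotion=False, protect_root=False)
    print("alice demotes herself (hosted):     ", allowed(alice, alice, set(), users, hosted))
    print("alice demotes root (hosted):        ", allowed(alice, root, set(), users, hosted))
    print("alice demotes root (self-hosted):   ", allowed(alice, root, set(), users, self_hosted))
    print("root demotes self as last admin:    ",
          allowed(root, root, set(), [root, bob], self_hosted))
```

With the self-hosted policy the scenario from the thread works: a later admin can demote the troublesome root user, while the `keep_last_admin` check still stops the instance from ending up with no administrator at all, which is the lock-out the issue reports.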