Expanding to new elements
In the near future, more elements will be added/created for su only use. The more significant are:
- More control over global site appearance.
- More control over site behavior on mobile devices.
Superuser
The concept of a Superuser adds extra security to management users. There are two kinds of superusers, the superusers themselves, and the CloudAdmin user, addressed to cloud administrators.
Superuser functionality
A Superuser, su from now on, has access to the whole configuration set, including special management of Social Groups for contacts. Important for a su to remember:
- A su has full power over the application and web site.
- A su can assign or remove the su attribute from any contact.
- There is no limit to the number of su's. Anyway, the reason to have them is to keep the number low, for instance, one plus a backup.
- Non-su admins will not be able to impersonate a su. The attempt will be registered as
/log/failsu, and an email will be sent to all su's. - The fuzzy role
@su:isis available for context roles and the whole security script system.
Superuser special access
The following table shows the elements restricted to su-only-eyes.
| Element | Description |
|---|---|
| Assign admin Social Groups | Only su will be able to assign administration groups. Non-su admins will see the administration groups as disabled. |
| Assign su to any contact | Only su will be able to assign new superusers. |
| Microservices servers and members | Only visible for su. |
| Reset site settings | Only visible for su. |
| Reset schemes | Only visible for su. |
| Configurator | Only visible for su. |
| Server driven contexts | Only visible for su. |
| Layout root | Only visible for su. |
| English | 09/12/24 15:54 | Lluís Turró Cutiller | |
| English | 09/30/24 14:11 | Lluís Turró Cutiller |
