MxAdmin does not respect security settings?

1
I have tried to create a separate administrator user role, such that I can restrict MxAdmin to just user management and leave all other admin functionality to this second admin role. However, it seems that MxAdmin totally disregards my security settings and is able to view pages and objects it's not supposed to (at least when running locally). Anybody any suggestions as to why this is (and more importantly, how I can fix this)? The entities and pages are in the administration module, but I don't think that should matter, should it? Edit: yes, I have specified module roles as well, that is how I differentiate between which pages and entities should be accesible by which user role P.S. the modeler version is 6.10.5, which I somehow can't select down here...
asked
4 answers
4

It does matter.

You specify user roles for the entire application. You then map the userrole to each relevant module role in the project security settings. If you only have 1 'administrator' module role in the administration module and both the MxAdmin userrole and your secondary admin userrole both have administrator rights in the administration module, they will have the same access rights (withinin that module)

answered
1

Don't ask me why or how, but I've redownloaded my model from the teamserver (because my modeler crashed and corrupted something) and now everything works as I intended...

Case closed! Thanks for the help anyway.

answered
1

It seems like this issue was fixed in the 7.18.0 release.

Quoting the 7.18.0 release notes: "We fixed the issue causing the built-in admin user to retain old roles when a new role was selected in the Security configuration of the app project. (Ticket 65664)"

answered
0

First thought that comes to mind is checking the module rules for MxAdmin and the custom admin. Did you seperate the security in the concerning modules?

answered