Admins under admins...
There is only one admin role. It has access to everything.
Hi Anton, David..... a remark/observation on this.
The scope of a user created by an admin or any other user should be inherited from the creator of this Account/User, like with the Groups. I can create such "Admin User" ( a new user with "Admin" ticked), assign groups to him and when loged in as this user I can only see the groups assigned and devices alocated to these groups while loged in as this user.
This is nice and exactly what one would expect if traccar could have more than one Admin, "a administrator" for "a group" with allocated devices, users, geofences and other Group specific attributes allocated to the Group and only those visible and editable by this Group Admin user..
Whilst the "Admin user" concept work for Groups in V3.16/7 , it does'nt for devices and users.
But a user can see and edit all users including the super admin if "Admin" is ticked.
This user with "Admin" and "Device Readonly" ticked can even edit devices, changing IMEI numbers which is dangerous.
But.. if his account "Admin" is unticked there is no way to get to editing/changing anything if.
Such Admin users for groups would be very valuable.
Have you heard of Manager role?
Hi Anton /diskdeb,
This is the scenario:
- This instalation has several geographic zones (groups).
- Each group does not know nothing about another groups. This must always be so.
- Each group need an admin (or special user) that could create his own users.
Any ideas about how solve this?
The rest, i can do it.
Thanks in advance, David.
That's exactly what manager role is for. Please read relevant documentation.
OK Anton/David
Anton, one thing that boggles my mind, where do you find time answering ALL these (documented) questions.
David, we have the same implimentation and, thanx Anton
I tested this for the senario and its working prrfectly
Documented: https://www.traccar.org/documentation/user-management/ ...............USER LIMITS
" If user limit is set to -1, it means that manager has no limit.
If user limit is set to 0, it means that user is not a manager. The difference between manager and regular user is in their user limit value. Manager has limit not equals to 0.
Only administrator can change these fields. "
First create the groups, devices, geofences, allocate geofences to devices, devices to groups, groups to this Manager user and test.
Apologies,
I forgot to mention, The Manager user's "Admin" tick must be unticked/clear for this to work properly
And the user can register/create devices, geofences and users.
All without knowing or seeing any other user, or groups, device, geofences not allocated to him by the only Administrator.
We need these Managers to add their own groups and users and allocate devices assigned to them by the Admin, to these users and groups he created.
Created users by the manager do'nt inherit his preferences, which could be handy to ensure hhis users function like himselfs. Like automatically having the same Map Layer, time format etc.
But that's not taking away any functionality.
Thanx again Anton
Hi Anton,
Problem solved. Now, all works like a charm...
One more time, you has reason....
Thanks Anton & another users,
David de Argentina
Hi Anton,
I just installed a 3.17 server.
I'm admin (superuser) of the server, and need to create another users as admins.
I can manage all users, devices, groups, and another services.
I need another admins could not edit superuser admin data, or add devices (or groups) not allowed.
Manually i add a register at user_users table with a new admin user, but does not work. Logged as this user, he could edit me (superuser)
How can i do this features? (avoid another user change my pass, by example...)
Thanks in advance,
Greetings from Buenos Aires, Argentina
David.