Results 1 to 4 of 4
  1. #1
    Join Date
    Mar 2006
    Location
    Zevenbergen, NL
    Posts
    40
    Plugin Contributions
    0

    Default 1.5.0BETA - Admin Access Management

    When adding a new admin user the email field is preset to the superuser user name and this would not process as a valid email-address.

    Also missing the capability to hide some unused menu's for the superuser.
    (Never used the gift certificate/coupons and extras menu's and always used the admin profiles addon to clean up the admin for the super-user)

  2. #2
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: 1.5.0BETA - Admin Access Management

    The presetting of the email field sounds like something that's happening your browser. Zen Cart makes no attempt to preset that field. But it will prevent you from creating the new user without a properly formatted email address.

    Although Admin Profiles was more commonly used to prevent "other people" from accessing everything, the way in which you were using it, was the reason for which I originally wrote it. So your point is understood. However, you'll need to do it slightly differently going forward.

    The superuser setting is designed to show everything. So to work with some menus hidden, create a profile, "Store Owner" say, that has just the ones you want and attach that profile to your user ID.

    You will still need a superuser though. That's by design too, to stop people from accidentally cutting themselves off from the Admin Access menu. So you may need to create an additional user, even if they're rarely if ever used.
    Last edited by kuroi; 14 Aug 2011 at 11:40 AM. Reason: historical digression
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

  3. #3
    Join Date
    Mar 2006
    Location
    Zevenbergen, NL
    Posts
    40
    Plugin Contributions
    0

    Default Re: 1.5.0BETA - Admin Access Management

    You are right it was my firfox playing up.
    Tested on a machine virgin to the test install and then the fields come up empty so it is not really a ZC bug but anyhow confusing.

    I have my concerns about this whole new concept and the PA-DSS restrictions but not yet figured out where to post these concerns.

  4. #4
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: 1.5.0BETA - Admin Access Management

    I tend to agree. Some of the changes in this area sort of make sense from a technical security viewpoint, but are a bit counter-productive from a behavioural perspective and certainly reduce usability.

    And then many of the requirements are open to interpretation, which understandably encourages auditors to play safe by erring towards even more restrictive judgements.

    Concrete examples:

    Longer and more complex passwords make it more difficult for somebody to guess your password. Fair enough. But push that too far and add enforced changes and no re-use, and people can't remember their own passwords. So they write them down, which plays straight into the most common type of business fraud, which is internal, by employees using other employees passwords. These regs don't feel to me like they got the balance right.

    And wouldn't automated or one-click updates and security patches make systems more secure. But I'm told that would get in the way of the audit process!!!
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

 

 

Similar Threads

  1. Replies: 1
    Last Post: 6 May 2015, 05:47 AM
  2. Admin Access Management
    By dereck72 in forum General Questions
    Replies: 4
    Last Post: 6 Nov 2013, 12:50 AM
  3. v150 Missing Admin Access Management tab
    By Psylent in forum General Questions
    Replies: 4
    Last Post: 2 Aug 2012, 01:21 AM
  4. Admin Access Management
    By niccol in forum Upgrading to 1.5.x
    Replies: 6
    Last Post: 11 Jun 2012, 05:53 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR