Privilege Level
- Seth Petry-Johnson
Overview
Numerous features in LearningBuilder prevent a user from taking action on a “more privileged” account.
For instance, a customer service administrator cannot impersonate a System Administrator because that would allow them to modify system settings that they would not otherwise be authorized to change.
The “more privileged” concept is defined as:
Rule | |
|---|---|
| 1 | A SysAdmin is more privileged than anyone without the SysAdmin role, and equal to all other SysAdmins. A SysAdmin is never considered “less privileged” than any other account. |
| 2 | Anyone with access to the Admin area is more privileged than anyone without access to the Admin area. |
| 3 | An Admin (A) is more privileged than another Admin (B) if A contains any Admin-area permission that is NOT also held by B. This does not apply any “ranking” to the Admin-area permissions, such as considering the “manage” permissions to more of a higher level than “access” permissions. It is a simple comparison; if Admin B has any Admin permission not explicitly assigned to Admin A, then B is considered “more privileged”. |
Related features
This concept is used when:
Accessing the Profile page of another Member
Impersonating another Member