How to restrict an admin user to a particular site and NOT other sites?

Is there currently a way to restrict a particular user, despite their role, to a particular site? I want to be able to assign a user to manage their OWN site as an admin, but not be able to see or touch any other site in the system - nor be able to touch any of the umbrella admin settings that would affect all sites.

I know there’s the groups module and I installed that, but I’m not sure if that will do the trick…

Thanks!

Also, why is it that when you go into a site’s user permissions, you can set a certain user as just a “viewer” … but it actually doesn’t work - they still have access to edit and add pages, settings, etc.

It is not possible, and there is no module for that currently.

And the module group can help, but there is a bypass for admin.

This is really surprising, as I thought the whole goal and vision of Omeka S was to have multiple sites in one installation…and I assumed that each website should have and could have their own permissions set! It should be a major priority to have a module built for this and I wonder how many others feel the same?

So for now, is it that we have to have multiple installations of Omeka S in order to achieve separate permissions? Doesn’t this defeat the purpose of Omeka S!?

3 Likes

I see, so the module group can separate editors from other sites? Is there currently a way to customize certain functions that an editor can perform in a site? For instance, by default it looks like an editor can edit existing pages and add items, but what if I want them to be able to add pages and manage their own navigation? Is there an efficient way to program this?

Thanks

The site editor can choose which resources to display on this site, but in the admin backend, there is only one repository. The idea is to have only one repository where users can read, create and update items, in order to make sharing easier between sites.

Nevertheless, your needs are a requirement for many projects, but it is not yet implemented. So you need a totally new module.

1 Like

The site permission settings are basically additive: they grant users permission they otherwise wouldn’t have, but they won’t take away permissions they already have just on the basis of their role.

You should be able to do what you want as long as the user you’re dealing with is assigned to a lower-permission role. What role do they have now where this isn’t working? I see you mention “admin” in the post title, is that their role? Do they need that many global permissions? A lower-role user can still be the “admin” of a specific site if they’re granted that in the site’s permissions page.

1 Like

Any update on this? We are using the latest version of Omeka-S (well, 2.1.0) and want to have a student be “admin” on a particular sub-site which will become an exhibit.

We encountered several problems:

  1. We actually couldn’t add any users to a particular site. When we click on a user inside Sites > User Permissions, nothing changes in the UI. We also tried saving, presuming perhaps there is just a visual bug - but after saving, no additional users appear.
  2. We tried setting various roles for the student user, including Author and Editor. As described in the post above, these are lower-permission roles. But for instance, the student wasn’t able to create new Pages, which are the primary part of a sub-site that is intended to be an exhibit (in the same sense as Exhibits in Omeka Classic). Perhaps this is solved by site-specific permissions if #1 above worked.

Are we experiencing a bug?

This sounds like a bug, but one I haven’t heard reported before.

You should be able to add users in the Sites > User Permissions page and give them permissions specific to that site, including “Admin.”

My guess would be some Javascript issue there… is anything being printed in the browser console on that page when you try to select users?