Tag: Admin roles

Creating and managing phpBB administrators

On: By: Mark

You can’t run a phpBB board without an administrator, but the privileges granted to administrators in phpBB and how they are assigned and handled are not obvious.

Let’s learn how to create administrators, what privileges administrators have, and how to change or remove administrators.

Easily adding new administrators

If you don’t want to be particular, simply add an existing user to the Administrator’s group. This user will be able to access the Administration Control Panel (ACP) with the Full Administrator’s role privileges, giving them broad powers to do almost anything except add, change or remove founders. ACP > Manage groups > Administrators > Members > Add users

What’s peculiar is while an administrator created this way has the Full Administrator’s role privileges, the role is not explicitly assigned. It appears that phpBB defaults to these permissions if none are explicitly granted, which is inconsistent with phpBB’s otherwise amazingly well thought out permissions system.

Founders

There is a special type of administrator called a founder. If you manage a phpBB board, you probably have this privilege already. Founders can never be banned, deleted or altered by any other administrators unless they are also founders.

This feature is basically a safety feature, ensuring founders can’t be locked out unless another founder is doing this.

An easy way to tell if you are a founder is to look up any user in the ACP using the manage users function. If when editing their settings, the founder field is enabled, you are a founder.

Hint: if you need to become a founder and can access the database outside of phpBB using a tool like phpMyAdmin, you can make yourself a founder. Find your row in the phpbb_users table and change user_type from 0 to 3. You may need to purge phpBB’s cache afterward for it to take effect.

Deleting administrators

The easiest way to remove an administrator is to remove them from the Administrators users group: ACP > Manage groups > Administrators > Members. Select the checkbox for the user, then select Remove member from group and press Submit.

You could also remove permissions explicitly. ACP > Permissions > Global permissions > Administrators > [user name]. Once selected, select their row in the text area and click on the Remove permissions button.

Changing administrator permissions

There are two approaches to changing administrator permissions: assign a role or set custom permissions.

Using a role

ACP > Permissions > Global permissions > Administrators > [user name]. After the page is refreshed, select their row in the text area and click on the Edit permissions button. Select the desired role: Standard admin, Full admin, Forum admin or User and Groups admin. Let your mouse hover over each permission type to see what privileges are assigned to the role. Click Apply all permissions when done.

Custom permissions

ACP > Permissions > Global permissions > Administrators > [user name]. After the page is refreshed, select their row in the text area and click on the Edit permissions button. Click on the Advanced permissions link, then go through each tab and assign the desired privileges. Click Apply permissions when done.

When does the ACP link appear?

If you have any ACP permissions assigned, the link to the ACP will appear. Only if you have no ACP privileges will the link disappear.

Understanding roles, part four – administrator roles

On: By: Mark

It’s tempting to think of administrators as one size fits all, but you can have various kinds of administrators. The kinds of administrators are based on the roles they are given.

If you don’t want to be granular about administrator privileges, simply add the user to the administrator’s group: ACP > Users and groups > Groups > Manage groups > Administrators > Members. In the Add Users block, enter the usernames on separate lines that you want to make administrators. Use the Find a member link if needed, and press Submit when done. See the screenshot below.

Adding an administrator
Adding an administrator

These new administrators will inherit the Standard Admin.

There are four administrator roles:

  • Standard Admin. Has access to most administrative features but is not allowed to use server or system related tools.

  • Full Admin. Has access to all administrative functions of this board. Not recommended.

  • Forum Admin. Can access the forum management and forum permission settings.

  • User and Groups Admin. Can manage groups and users: Able to change permissions, settings, manage bans, and manage ranks.

The main role to worry about is the Full Admin role, because if you grant it, then you are giving the administrator virtually complete control of the board. The administrator is not technically a founder but might as well be since they can do pretty much anything a founder can do too except make themselves a founder or create additional administrators.

If you want to make someone a founder, you first must already have founder privileges.

ACP > Users and Groups > Manage users

Enter the user’s name and press Submit. In the Founder field select Yes and press Submit.

You can also create a new Administrator role if you want similar to the process used for moderators: ACP > Permissions > Permission roles > Admin roles > Create role

Large and busy boards might find a need to assign people to the Forum Admin and User and Group Admin roles.

These new administrators get into the Administration Control Panel the same way as you do: by selecting the link in the navigation bar or from the link that appears in the footer.