Looks like I'm keeping the mailing list server busy today :) I have managed to hide the Admin rights/objects/classes part of the edit button by modifying line 9 of menus_content.vm (and attached it to my custom skin) Changed it from: #if($isAdvancedUser) To: #if($isAdvancedUser && $hasAdmin) Now I just need to work-out how to remove that from the document index and if the user tries to go to the link directly. I also need to then workout how to stop advanced users from being able to create their own skins. Hmmm. Time to take a break I think. Kind regards, -----Original Message----- From: users [mailto:users-bounces@xwiki.org] On Behalf Of Mahomed Hussein Sent: 14 March 2015 16:57 To: XWiki Users Subject: [xwiki-users] Restrict Access Rights to Admin Users only Hi I have been doing a bit more reading and digging as I was hoping to be able to solve this in the skin but I've come across two issues 1) This doesn't appear to be implemented in the skin 2) It appears end users can create their own skins so doing it in the skin is not the right way. I've come across this link but there doesn't appear to be a definitive solution in it - http://xwiki.475771.n2.nabble.com/Access-rights-management-bug-td6803183.ht… I have done the following test: 1. TestDoc created in TestSpace by User1 2. User2 only has read and comment rights in TestSpace. Confirmed User2 cannot edit document or change rights. 3. User2 is given read, comment and edit rights in TestSpace 4. User2 refreshes TestDoc and now can edit the document. 5. User2 looks at TestSpace document index and sees that he cannot delete the document. 6. User2 edits access rights for TestDoc and gives himself delete permission on the document 7. User2 refreshes TestSpace document index and he now can delete TestDoc. Am I the only one who sees this as a problem? Read/Write/Modify should not allow you to then change permissions on the document. Is there any robust way without having to write Java to fix it? I'm afraid my skills fall short of Java editing. Kind regards, -----Original Message----- From: users [mailto:users-bounces@xwiki.org] On Behalf Of Mahomed Hussein Sent: 14 March 2015 15:07 To: XWiki Users Subject: [xwiki-users] Restrict Access Rights to Admin Users only Hi I’ve noticed that users with edit permissions can also modify access rights on any document. Ideally what we need is that only users with Admin rights can modify document Access Rights in their space. The reason for this is that we only want to allow department heads to be able to make a document visible to other users/spaces, but we want everyone to be able to contribute to the articles. I am slowly trying to learn the power of XWiki and am loving it so far. Any help with this would be greatly appreciated. Thanks in advance for your time. Kind regards, Mahomed _______________________________________________ users mailing list users(a)xwiki.org http://lists.xwiki.org/mailman/listinfo/users _______________________________________________ users mailing list users(a)xwiki.org http://lists.xwiki.org/mailman/listinfo/users