I have an application has some roles:
- Administrators [super]: hidden, only me has a user/password to access full control.
- Admin: IT admin, has permission on create users but cannot see or assign Administrators role above.
- Manager: User with some approval permission, don’t have Administration permission.
- Employee: Normal users.
I can do some stuffs to make these desired behaviors.
But I see that if creating a user without any role assigned, that user has full control screens, entities.
So how to avoid this?
Thank you very much!