When we create a new site, I want to restrict the administrator user from accessing certain modules. After this, the administrator should be able to create users with specific role permissions, while also ensuring that the restricted modules are not visible to both the administrator and the users. Can this be done during new site creation or after installing a custom app?
First, the administrator user can do anything, so you cannot set any validation for this user. Even if you remove a module from the administrator user, if someone logs in, it will still apply the module rights. Therefore, we suggest using the system manager instead of the administrator user. You cannot set permissions for the administrator; even if you try, the administrator can still delete or add permissions upon logging in. The only way to restrict permissions for the administrator user is through code (but we don’t suggest doing anything for the administrator user).
Bad Idea. Bad concept.
It is not only “not recommended” but also “DO NOT ATTEMPT TO DO ANYTHING LIKE THAT” kind of thing.
Is there any other solution to manage this?
I want to restrict the master user to only use the functionalities provided by our custom app.
Do not use Administrator account. No body should login with Administrator. You need to login with Administrator only once-> during setup. Never again.
Administrator account is used backend by the system.
You should not login from that account.
You can write permissions for other users like System manager and others in your app.