Thanks Tom, I'm interested in the possibility of using a new rule as I don't have DataAssist and I'm over budget already for this job.
The code is currently:
<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php
if (!WA_Auth_RulePasses("Administrator")){
WA_Auth_RestrictAccess("../admin/access_denied.php");
}
?>
This is as per the Authenticate User Solution Recipe, where the objective is to create an Admin-only access for the Update User page. But what is the use if Admin can only access their own profile???
So I'd be grateful if anyone can help me with the code to create a new rule enabling Admin to access anyone's Profile page. I have about 50 user levels and page access rules here, another one won't hurt. I should add that our site caters for about 50 groups of scientists on various committees and panels, each with their own set of restricted pages, and often a scientist on one panel will be invited onto a second panel (some are on 7 or 8), thus the need to update user levels quite often. Naturally, we don't want them updating their own user levels (much as we trust them!).