#4208 - Define usergroup superiority to allow non-admin staff to specify the usergroups of members
-
By Chris Graham
- Added
- 3 views
| Identifier | #4208 |
|---|---|
| Issue type | Feature request or suggestion |
| Title | Define usergroup superiority to allow non-admin staff to specify the usergroups of members |
| Status | Open |
| Handling member | Deleted |
| Addon | core_cns |
| Description | Currently a non-admin cannot set the usergroup for new members they manually add.
This is a security consideration, as Composr cannot know which usergroups are considered inferior to the member's own usergrroup. If they were able to pick a superior group, it would be a privilege escalation vulnerability. Allow specifying what permissive usergroups a usergroup is superior to, and then Composr would allow them to manage user membership within those usergroups. |
| Steps to reproduce | |
| Additional information | https://compo.sr/forum/topicview/browse/designing/help-with-assigning.htm |
| Funded? | No |
The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".
Comments
There have been no comments yet