4208: Define usergroup superiority to allow non-admin staff to specify the usergroups of members

ID	Project	Category	View Status	Date Submitted	Last Update

4208	Composr	core_cns	public	2020-04-24 20:03	2022-08-15 01:15

Reporter	Chris Graham	Assigned To	Guest
Priority	normal	Severity	feature
Status	new	Resolution	open

Summary	4208: Define usergroup superiority to allow non-admin staff to specify the usergroups of members
Description	Currently a non-admin cannot set the usergroup for new members they manually add. This is a security consideration, as Composr cannot know which usergroups are considered inferior to the member's own usergrroup. If they were able to pick a superior group, it would be a privilege escalation vulnerability. Allow specifying what permissive usergroups a usergroup is superior to, and then Composr would allow them to manage user membership within those usergroups.
Additional Information	https://compo.sr/forum/topicview/browse/designing/help-with-assigning.htm
Tags	No tags attached.
Attach Tags	(Separate by ",")

Time estimation (hours)	2
Sponsorship open

Date Added	Member	Amount Sponsored

View Status	Private (for security issues or disclosing of private information; if you submit as a guest, you will not be able to see your submission)
Note
Upload Files Maximum size: 32,768 KiB	Attach files by dragging & dropping, selecting or pasting them.
You are not logged in	You are not logged in. This means you will not get any e-mail notifications. And if you reply, we will not know for sure you are the original poster of the issue.

Date Modified	Username	Field	Change
2020-04-24 20:03	Chris Graham	New Issue
2022-08-15 01:15	Chris Graham	Summary	Define usergroup superiority => Define usergroup superiority to allow non-admin staff to specify the usergroups of members