View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004208 | Composr | core_cns | public | 2020-04-24 20:03 | 2022-08-15 01:15 |
| Reporter | Chris Graham | Assigned To | |||
| Severity | Feature-request | ||||
| Status | non-assigned | Resolution | open | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0004208: Define usergroup superiority to allow non-admin staff to specify the usergroups of members | ||||
| Description | Currently a non-admin cannot set the usergroup for new members they manually add. This is a security consideration, as Composr cannot know which usergroups are considered inferior to the member's own usergrroup. If they were able to pick a superior group, it would be a privilege escalation vulnerability. Allow specifying what permissive usergroups a usergroup is superior to, and then Composr would allow them to manage user membership within those usergroups. | ||||
| Additional Information | https://compo.sr/forum/topicview/browse/designing/help-with-assigning.htm | ||||
| Tags | No tags attached. | ||||
| Time estimation (hours) | 2 | ||||
| Sponsorship open | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2020-04-24 20:03 | Chris Graham | New Issue | |
| 2022-08-15 01:15 | Chris Graham | Summary | Define usergroup superiority => Define usergroup superiority to allow non-admin staff to specify the usergroups of members |
