View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0004208||Composr||core_cns||public||2020-04-24 20:03||2020-05-10 00:59|
|Reporter||Chris Graham||Assigned To|
|Fixed in Version|
|Summary||0004208: Define usergroup superiority|
|Description||Currently a non-admin cannot set the usergroup for new members they manually add.|
This is a security consideration, as Composr cannot know which usergroups are considered inferior to the member's own usergrroup. If they were able to pick a superior group, it would be a privilege escalation vulnerability.
Allow specifying what permissive usergroups a usergroup is superior to, and then Composr would allow them to manage user membership within those usergroups.
|Tags||No tags attached.|
|Time estimation (hours)||2|