2009-03-01, 04:08 PM
It is nice, that it is possible to set exactly what a user is allowed to do in the Admin CP. But the Setting "Can manage users?" bypasses that all because the user could simply add himself to any group. I propose that a user with that right should only be able to Edit Users/Groups with lower administrative permissions.
Another thing i noticed is, that it seems that it is not possible to grand administrative permission individually to a user (only if he is in a group that has acp access). Also these rights default to "yes", they should default to "no" or better a third option "inherit".
Another thing i noticed is, that it seems that it is not possible to grand administrative permission individually to a user (only if he is in a group that has acp access). Also these rights default to "yes", they should default to "no" or better a third option "inherit".