Open
Bug 194686
Opened 22 years ago
Updated 18 years ago
provide a restrictive version of "editusers" perhaps "addusers"
Categories
(Bugzilla :: Bugzilla-General, enhancement)
Bugzilla
Bugzilla-General
Tracking
()
NEW
People
(Reporter: hauser, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3b) Gecko/20030212
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3b) Gecko/20030212
if one of my more restrictive options on editcomponents were available (see 1-3
of http://bugzilla.mozilla.org/show_bug.cgi?id=194684), then it would alsom make
sense to restrict editusers such that a user with "addusers" set can
- only add users, but not change their password once set nor disable them (then
that would have to be escalated to the bugzilla admin)
- only enable them for groups the editing user is a member of her-/himself
Again, it appears that the edit* flag overrides security of groups, i.e. if I
grant some the editusers privilege, they could add others/themselves to groups
they weren't members before...
Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1•22 years ago
|
||
confirming feature request.
Thanks!
Comment 2•20 years ago
|
||
Reassigning bugs that I'm not actively working on to the default component owner
in order to try to make some sanity out of my personal buglist. This doesn't
mean the bug isn't being dealt with, just that I'm not the one doing it. If you
are dealing with this bug, please assign it to yourself.
Assignee: justdave → general
QA Contact: mattyt-bugzilla → default-qa
Comment 3•18 years ago
|
||
(In reply to comment #0)
> - only enable them for groups the editing user is a member of her-/himself
That's the job of users with bless privileges.
You need to log in
before you can comment on or make changes to this bug.
Description
•