Open Bug 194686 Opened 22 years ago Updated 18 years ago

provide a restrictive version of "editusers" perhaps "addusers"

Categories

(Bugzilla :: Bugzilla-General, enhancement)

enhancement
Not set
normal

Tracking

()

People

(Reporter: hauser, Unassigned)

References

()

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3b) Gecko/20030212 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3b) Gecko/20030212 if one of my more restrictive options on editcomponents were available (see 1-3 of http://bugzilla.mozilla.org/show_bug.cgi?id=194684), then it would alsom make sense to restrict editusers such that a user with "addusers" set can - only add users, but not change their password once set nor disable them (then that would have to be escalated to the bugzilla admin) - only enable them for groups the editing user is a member of her-/himself Again, it appears that the edit* flag overrides security of groups, i.e. if I grant some the editusers privilege, they could add others/themselves to groups they weren't members before... Reproducible: Always Steps to Reproduce: 1. 2. 3.
confirming feature request. Thanks!
Status: UNCONFIRMED → NEW
Depends on: 189627
Ever confirmed: true
Reassigning bugs that I'm not actively working on to the default component owner in order to try to make some sanity out of my personal buglist. This doesn't mean the bug isn't being dealt with, just that I'm not the one doing it. If you are dealing with this bug, please assign it to yourself.
Assignee: justdave → general
QA Contact: mattyt-bugzilla → default-qa
(In reply to comment #0) > - only enable them for groups the editing user is a member of her-/himself That's the job of users with bless privileges.
Depends on: 357695
No longer depends on: 357695
You need to log in before you can comment on or make changes to this bug.