Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Group admins shouldn't be allowed to delete users which are member of other groups as well #7381

Closed
Schmuuu opened this issue Dec 3, 2017 · 1 comment
Closed

Group admins shouldn't be allowed to delete users which are member of other groups as well #7381

Schmuuu opened this issue Dec 3, 2017 · 1 comment

Comments

@Schmuuu
Copy link

Schmuuu commented Dec 3, 2017
edited
Loading

Steps to reproduce

  1. create at least two groups group 1 and group 2 and three users (additionally to the admin)
  2. assign each group a non-admin user as group admin (group admin 1, group admin 2)
  3. add group admin 1 as member to group 2 (just normal member for group 2)
  4. add another normal user to both groups
  5. login as group admin 2 user
  6. go to user configuration and click "delete" on the group admin 1
  7. continue and delete the normal user as well
  8. check the user settings as admin and notice that group admin 1 and the user are gone

Expected behaviour

The "deleted" users should be removed from the group only. The group admin should only be able to influence what happens in his group, but not further beyond.
That one group admin can delete another group admin, just because the other group admin is the same group should definitely not happen.
I know it is redundant if "delete" does the same like deselecting the check box of the group, but the current bahavior is just too fault-prone.

I would love to see some mechanism that checks if a user still belongs to another group or is a group admin. If so the user will only be removed from the current group.
Only if the current group is the only group the user belongs to, than the user can be deleted completely.

Actual behaviour

Both users (normal user and group admin user) are deleted completely.

Why this is a problem for me

I have many groups configured on my server and each group has a group admin. Some group admins are members of other groups and furthermore there are users, who are members of many groups.
Group admins are necessary so that they can add new users to the server (and to their group). They should also be allowed to remove users from their group again and delete them (if these users don't belong to another group any longer).
The big problem now is, that many of my users with group admin rights are not very experienced with IT stuff and a "delete" is pretty much the same as "remove" for them. Another group admin was already deleted by mistake and we need to avoid that.

Server version

I'm using the latest stable release, 12.0.3.3
@MorrisJobke
Copy link
Member

Duplicate of #3630

@MorrisJobke MorrisJobke marked this as a duplicate of #3630 Dec 4, 2017
@Schmuuu Schmuuu mentioned this issue Dec 4, 2017
Closed
This was referenced Sep 23, 2018
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MorrisJobke @Schmuuu