** Changed in: mahara
Importance: Undecided => High
** Changed in: mahara
Assignee: François Marier (fmarier) => Richard Mansfield
(richard-mansfield)
--
You received this bug notification because you are a member of Mahara
Core, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/492009
Title:
Ordinary group members can be promoted to be an admin of "controlled"
or "course" groups.
Status in Mahara ePortfolio:
Fix Released
Bug description:
Ordinary group members (those who are not site or institution admins
or staff) can be promoted to be admins of "standard.controlled",
"course.controlled" and "course.request" groups through
Group->Members->"Change Role" interface (/group/changerole.php). This
should not be permitted. When the ordinary user is promoted to be such
admin, not only the error on group_get_grouptype_options() function
call will pop-up (group type drop-down menu), as ordinary user can
only be admin of invite/request/open standard groups, but also such
user can remove original group admin and institution or site admin
will end up having uncontrolled "course group".
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/492009/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~mahara-core
Post to : [email protected]
Unsubscribe : https://launchpad.net/~mahara-core
More help : https://help.launchpad.net/ListHelp
