Users automatically member of 'users' group. #239
Labels
enhancement
Improvements in term of performance or behaviour
feature
New feature to be developed
wontfix
All users should be automatically members of the 'users' group concept (except anonymous).
This would allow to distinguish between authenticated or non-authenticated user permissions for any given user if we desired to enforce minimally that the user be logged in to access a resource.
Currently users are only assigned automatically anonymous group (to have access to public resources), and receive optionally another more restrictive group membership (from UI or API body field).
It should not be possible to modify
users
group membership.Similarly,
anonymous
group membership modification should be blocked.Relates to #164
The text was updated successfully, but these errors were encountered: