- Issue created by @mvonfrie
- 🇦🇹Austria mvonfrie
See my comment 📌 Disallow the programmatic assignment of insider/outsider roles to members Active for the reason of this issue.
This is a follow-up to 🐛 An already assigned individual role can be made out/insider, leading to a crash in the permission calculation Needs review and 📌 Disallow the programmatic assignment of insider/outsider roles to members Active . At several places like group members view, view/edit group membership etc. only individual roles assigned to a group membership are displayed but no implicit roles (group roles with outsider and insider scope) and for subgroup roles inherited from a parent group.
All group roles a user "has" (because "assigned" is only correct for individual group roles) should be displayed at these places for usability purposes, or site/group admins might think something is wrong and these persons might not have the related permissions and create additional individual roles to assign to the users to fix an issue which doesn't exist.
In case of edit forms (like group membership) those roles should be listed there as well with the role name and scope of the role (eventually even the global/parent group inherited role name). There are multliple ways to do it, like checked and disabled checkboxes (which are not submitted to the form processing) or using a similar approach and the icons as for the entity.group_role.permissions_form form.
Active
3.3
User interface
See my comment 📌 Disallow the programmatic assignment of insider/outsider roles to members Active for the reason of this issue.