Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Permissions on role

Hello to everyone! Thanks for your support!

I'm working on vanilla platform since few days. I' ve seen that on this platform to ban a user you need to associate the user to "ban" role.
I need to create a role with permission to ban users. The only permission in the dashboard i've found to do this is "edit profile".
Now this role can do this but he can also modify the other roles and potentially give him the admin role.

Is there a way to prevent this?


Sign In or Register to comment.