Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-12-19 07:15:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Close security loopholes to make non-superuser admins usable

Browse Source
This commit is contained in:
Erik Kalkoken
2022-05-12 03:56:22 +00:00
committed by Ariel Rin
parent da93940e13
commit dd1a368ff6
13 changed files with 694 additions and 205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/features/core/groups.md
View File

@@ -38,6 +38,10 @@ The key difference is that the group is completely unmanaged by Auth. **Once a m
Most people won't have a use for public groups, though it can be useful if you wish to allow public access to some services. You can grant service permissions on a public group to allow this behavior.
### Restricted
When a group is restricted only superuser admins can directly add or remove them to/from users. The purpose of this property is prevent staff admins from assigning themselves to groups that are security sensitive. The "restricted" property can be combined with all the other properties.
```eval_rst
.. _ref-reserved-group-names:
```