Open MikeAlhayek opened 15 hours ago
We triaged this issue and set the milestone according to the priority we think is appropriate (see the docs on how we triage and prioritize issues).
This indicates when the core team may start working on it. However, if you'd like to contribute, we'd warmly welcome you to do that anytime. See our guide on contributions here.
In the permission structure we currently have. The
AssignRoleToUsers
permission should NOT be implied byEditUser
.AssignRoleToUsers
should be explicitly granted instead.Change
https://github.com/OrchardCMS/OrchardCore/blob/dd03cf8c998b014303728e20b398239e49ff3dc8/src/OrchardCore/OrchardCore.Users.Core/CommonPermissions.cs#L24
to