Closed Filnor closed 6 years ago
Absolutely! Most of the pages are locked behind permissions, however, currently, every user is granted every permission upon signup to help with testing.
When we've ironed out the majority of issues with Higgs and have HD reliably sending reports/feedback - we'll revoke permissions from users who shouldn't have/need them
Alright, I think that's fine then. I was just confused why I could edit it. 😄
No worries. I think I'll keep this open so we don't forget to remove privileges :)
If I login and then go to the admin page for a bot, for example to Natty tester, I can freely edit the data in there. For example, I edited the bot name and set it to "Natty tester - 0wn3d by ch4d3_".
Not every user who creates an account should be able to do that IMO, so a check for privileges would be nice.
This check should validate if a user is at least one of those: