Currently transactions can be created, modified, and deleted by anyone, without any authorization or record of who did what. In order to be production-ready, users will need tighter control over transactions. I propose the following control flow:
Any user can create a transaction, but the transaction must be approved by all users involved in the transaction (either as payers or payees)
If a user doesn't approve, allow them to either veto the transaction or perhaps submit a modified version of the proposed transaction which goes through the same approval process
Editing or deleting a transaction should be approved in the same way, can only be done by a user involved in the transaction
If a user leaves a group and then someone tries to edit a transaction they were involved in, I guess that just shouldn't be allowed?
Currently transactions can be created, modified, and deleted by anyone, without any authorization or record of who did what. In order to be production-ready, users will need tighter control over transactions. I propose the following control flow: