The portal was able to reset all passwords except for admin users.
Password resets and future self-service features must be limited to
self-service users.
The patch drops the 'System: Change User password' permission and
replaces it with two additional permissions for users and stage users.
It also introduces a new group for self-service capable users and an
automember rule. When a self-registered user is approved by an admin, it
is automatically added to the self-service group.
The patch also renames the portal user, role and privilege to be more
consistent with 'self-service' naming convention.
The portal was able to reset all passwords except for admin users. Password resets and future self-service features must be limited to self-service users.
The patch drops the 'System: Change User password' permission and replaces it with two additional permissions for users and stage users. It also introduces a new group for self-service capable users and an automember rule. When a self-registered user is approved by an admin, it is automatically added to the self-service group.
The patch also renames the portal user, role and privilege to be more consistent with 'self-service' naming convention.
Closes #36