blizzz
commented
9 months ago On the hand it could be considered acceptable for a group called "admin" to not create an own one. But removal would not work. Instead of having exceptions, it's better to implement IIsAdmin interface, so that the SAML backend can say itself who is admin and who not. Would need yet another setting field to declare the admin group(s).
I updated SAML plugin to v6.1 (It seems it can't be reverted back anymore). Now we have two admin groups. I think one is local admin groups with super admin users, and the other one SAML_admin with the users from SAML. This broke admin group assignments. Is there no way to make a SAML user super admin anymore with the new Group Backend?
_Originally posted by @GaugeTheory in https://github.com/nextcloud/user_saml/issues/810#issuecomment-1956680641_