Open dsalo opened 1 year ago
I'm thinking maybe having no default at all here is the best move: I'd rather not try to guess whether sites are more commonly going to want Contributors or Researchers, etc.
So to have the Role selection start on a "Select Below" choice and require the user to affirmatively pick a role for the new user.
In the role-assignment dropdown in the Add New User screen, the default role is "Super." The default should instead be the lowest-privilege role, "Contributor."
The "Super" default is problematic for security because it inclines Omeka admins to violate the Principle of Least Privilege by accidentally/thoughtlessly/cluelessly assigning unnecessary system privileges to new users. It is also a tiny bit annoying for admins because typically, most users on an Omeka instance will be Contributors, not Supers.
(Since this touches on security, I did use the security email first, and was encouraged to post an issue.)