Hi,
I gave user creation to admin only. On user creation i always had administrator selected by default which was a security issue.
I created users/admin.yml with following options in order to prevent a admin create an other admin (update is always available).
options:
create: false
Now admin is not available during user creation process for administrator.
Problem is, even if i don’t see anymore Admin in list i still can create administrator if i don’t select a role. The role radio is required but seems to already has admin value.
I don’t understand why admin is selected by default anyway. It’ a security issue my point of view. A default role should be the lower role. So why give admin role as default for all new users created by admin ?
Having no role selected is the quickest way to solve this issue.
may i bring this up again, as i am currently trying to solve a similar issue.
I read through the discussion in Setting default user role on creating in panel and also followed the argumentation given in Setting default user role and language on creating in panel · Issue #347 · getkirby/ideas · GitHub which i can follow … but … what if we start dialog with the given option (which seems to the users’ own role) and then store the latest option which is preselected when another user is created?
