~luma_inhibitor/cables#64: 
Extend role assignment authorization

When the .role command is used to manipulate another user's roles, impose additional checks on whether or not this is an allowed action before carrying it out.

  1. Check that the user is assigned a role from a list of moderator roles
  2. Check if the issuing user's highest role is above the role that they are attempting to change assignment of

If #63 is complete before this ticket is worked, also disallow assigning a role that is a higher moderator tier than the highest class the issuing user is assigned.

Status
REPORTED
Submitter
~erin
Assigned to
Submitted
2 years ago
Updated
2 years ago
Labels
feature/enhancement priority/high