Limit "Manage users" right

Description

The Administration role's "Manage users" right appears to include read-only access to the system's roles as well. Is this by design? It seems slightly confusing but otherwise harmless.

Reproduction Steps

  1. Create an Administrative role and associate the "Manage users" right, and only the "Manage users" right, with it.

  2. Assign the Administrative role to a user.

  3. Login to OpenLMIS via the user and note that Administration -> Roles is presented as a menu item.

Environment

None

Assignee

Unassigned

Reporter

Ben Leibert

Labels

None

Priority

Trivial