open
https://gitlab.synchro.net/main/sbbs/-/issues/361
I'm unable to make tests work where this code actually performs as expected, where a co-sysop can edit a higher-level sysop only if they have that flag/exemption themselves.
In my opinion:
1. The BBS world is past the point of needing this.
2. A co-sysop shouldn't be able to add flags/exemptions to a user of **any** security level if they don't have it themselves.
3. A co-sysop shouldn't be able to add flags/exemptions to their own account
But mostly just 1 above. I don't think we need this anymore, and the code should just be simplified to a co-sysop cannot edit a security level above their own, no exceptions.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net