Add admin functionality
mrbellek opened this issue · comments
Merijn commented
There's already a spot for ROLE_ADMIN or similar in table user.roles (json-encoded roles array). Not sure how to create a new admin, unless you're already an admin yourself.
Admins should be able to create other admins or users. Maybe change users' passwords.
The 'this user is an admin' checkbox should ONLY appear for admins. Validate this by session, not by post data.