Question Questions ⇒ Ultimate Points (Error or Idiot?)

[aztek]

[Possible Bug Report] Seems with ultimate points extension- anyone with -any- privs from ACP (no matter what) can modify users Points, even if specific otherwise (in every single possible spot you can specify otherwise). Not sure if it's a bug or just me, but I've literally edited the permissions via every single way to think even down to the user-account itself and still.... "Senior Moderators" title with access to limited ACP features allows for points to [Modify]. Or I'm just retarded. either one- hopefully the latter tho.

[aztek]

Guess I'm an idiot then.

[dmzx]

Guess I'm an idiot then.

Hopefully not.

Will need to check on this if it can be hidden for those "Senior Moderators"
Can nobody be trusted anymore these days in ACP

Soon will be checking UP again so can take a look at it.

[aztek]

Lol I've also noticed an error with phpbb where letting certain users have the ability to "manage users". If my Senior Moderators can 'manage users' they can technically manage an Admin and change their password to utilize the features on their account. Obviously they wouldn't but still could pose risk for people. Unless the admins are marked 'founder' then they can be edited by users with manage users privs.