This bug is quite similar to
There is some setting which allows moderators to manage categories.
If this is activated, moderators can change the security settings of a category such that they no longer have access, which is most likely accidental.
Administrators can, of course, recover this situation.
I suggest to remedy this behavior by forbidding moderators to change a categorry in such a way that they loose access.
There is some setting which allows moderators to manage groups.
Furthermore, there is an additional odd situation regarding the access of the member list, where Moderators can toggle whether they themselves see the member list.
A warning (confirm dialog) will be shown once this PR gets merged
main ← ux-warn-mods-before-losing-access-to-group-settings
merged 01:43PM - 24 Dec 25 UTC
When moderators (with `moderators_manage_groups` enabled) change a group's visib… ility or members visibility to "Owners only" while not being an owner themselves, they would permanently lose access to manage that group. Similarly, removing themselves as owner when visibility is set to "Owners only" would lock them out.
This adds confirmation dialogs warning moderators before:
- Changing group visibility to "Owners only"
- Changing members visibility to "Owners only"
- Removing themselves as owner when visibility is restrictive
- Removing themselves as member when they're also an owner
Also refactors the category lockout code from PR #36663 to use async/await for consistency.
Ref: https://meta.discourse.org/t/391403
3 Likes
zogstrip
December 25, 2025, 7:00am
4
This topic was automatically closed after 17 hours. New replies are no longer allowed.