I have noticed what I think is a bug with the Discourse Assign plugin. It is possible for an admin to assign a PM to a moderator who does not have access to the PM. They are notified, but when they click through to see the PM they cannot see it and get an error.
The answer, it seems to me, should be to add the assignee to the message at the same time, or to display an error to the assigner to let them know the assignee is not in the message and cannot be assigned the message.
This obviously does not affect admins who can see all PMs.
I can repro this. An assign notification is generated despite the user not having access to the PM assigned. Same issue occurs in categories with security that mods can’t access.
I just came across this again today - we are finding that I have assigned lots of messages to moderators who do not have access to them and hence have not been following up on them. Whoops.
I opened a PR to enforce additional rules when trying to assign a topic:
The user we’re going to assign to must be able to assign.
The user we’re going to assign must have access to the topic.
Trying to assign to one of these users will raise an error:
I think we should also remove users without access from the assign modal results. To achieve this, I’ll have to extend the core’s user search API a little bit.