Steps to reproduce:
- Have SSO set up.
- Let a new user sign in, and specify that he is a moderator in the payload.
The users has exactly the same permissions as if he signed up and was instantly manually awarded moderator permissions.
The user is given the moderator flag, but is not added to the
moderator groups. This means that he cannot access categories requiring these permissions.
Here’s a screenshot of the user settings:
It looks like hitting Refresh on
/admin/groups/automatic fixes this for already created users.