More rework on the groups system. * BESTOWGROUPROOT permission added to dbdefs. * Permissions criteria for group operations changed in dbdefs (consult code for full explanation.) * Approveuser and Editgroup now check for BESTOWGROUPROOT permissions before allowing changes to group_root. * approveuser_form and editgroup_form do not show "Group Root" as an option unless you are allowed to set it (or it is already set.) * editgroup does not UPDATE rows where trust has not been changed. * showgroup does a correct check to see whether to show the "group options" subpage.
Showing with 124 additions and 42 deletions