Add "delete group" as a customizable permission
Release notes
Background
Currently this permission resides in the Owner role. Customers want to avoid assigning Owner, and would rather split off this particular permission "delete group" so it could be added to any other base role.
Proposal
- When creating a role, any base can be selected. A new permission is available and labeled "Delete Groups" that can be selected.
- This permission
group_delete
gives them the ability to:- Delete a group
- Cannot delete a top-level group on SaaS. There may be prevention mechanism here as it's tied to a subscription but a safeguard would be required.
Permission Description: Ability to delete a group. This permission cannot delete the root namespace on SaaS. Please review deleting retention period to prevent accidental deletion.
API For Reference:
Views+Workflows:
- Group -> General-> Advanced -> Remove Group Section
Evidence
Edited by Joe Randazzo