Restricting access to specific roles in user management
If I set up a role that has permission to create/update/delete users and user groups, how can I restrict which roles that role has access to when creating users?
The use case is for a user with the power user role to be able to create/update a user to use one of two roles (read only, power user), but that role should not have any access to the system administrator role and should never be allowed to assign a user to it.
How do I go about setting this up? I see a "Restrict Visible Roles" permission in the role management settings, but I cannot find a place to select which roles are restricted and don't see details around this in the wiki.