We keep running into problems with new applications that are assigned to the Users team. We have a pretty large number of users (50+), some of whom are external to our organization, and they shouldn't be able to see applications that they're not supposed to.
The problem for us is that non-admins can create new applications, but are unable to do proper team management. When creating a new Raygun application, non-admins are only able to assign the new application to the Users-team or other existing teams that they're part of. In most cases they need to create a new team but since they are unable to do so, the Users-team is chosen instead. They overlook that the people that are external to our organization are also able to view this application now. This sometimes allows sensitive data to be viewed by people that should be able to do so.
I believe one of the following changes will fix this problem for us:
- Disallow non-admins from creating new applications. This way an admin is always needed to create an application, who will be able to do proper team management.
- Allow non-admins to create teams. This way, they'll be able to create a new team themselves. Maybe introduce the role of team maintainer, so they'll be able to invite other people themselves for this team without needing an admin user.
The latter is probably a big change, though. I'd be happy with either of them.