All my internal users are Reviewers, as I want them to be able to see more in depth information than they can get through the idea portal. However, I don't want anyone but an Owner to be able to mark and idea as Visible to Anyone. Internal employees rarely write up an idea in a way that is appropriate for external users to read, so we always have to do some sanitizing.
I should be able to lock down permissions for Reviewers so they cannot change the visibility of their own ideas. I consider this a significant security hole.
|Release time frame|