Is there a way to restrict users from changing roles
themselves? If a user goes to My Connections and then clicks Edit,
they could, in theory, change to any group they want--except to the
administrator group because you have to enter a password. If the
admin isn't watching the site 24/7, the user can change their roll,
let's say from a writer to a publisher, and publish something
before the admin can notice.
Is there anything that can be done to restrict that?
You can use connection keys...this will only allow a user to
change their name and email address (I think...I can check on this
tomorrow). We use these at my work and it allows for a lot more
control over who is assigned to the proper groups.