I understand to create a new user, one should use
user.signUp() to get username/email checking and password encryption. The user is returned and the
currentUser() is set the newly created user.
And that’s precisely the problem. In cases where you have an admin adding privileged users to the system, when they
signUp() a new user, they BECOME the new user, with the obvious confusion that implies on the front end and the unexpected loss of admin privileges.
Is there a way to prevent this from happening? I couldn’t find anything in the docs, but this is a very common pattern …where an admin has to manage other users and permissions. If not, how can I work around this?
Appreciate any thoughts …