What happened?

Steps to reproduce

With a a site structure like this:

• Default Site (handle: 'site-default')
• Site 1 (handle: 'site-one')

And these user groups:

• Admin - Default Site
• Admin - Site 1

The "Admin - Default Site" user group has all permissions on all sites.

The "Admin - Site 1" user group has these permissions:

• Edit users
• Register users
• Moderate users
• Administrate users
• Assign users to "Admin - Site 1"
• Edit "Site 1"

As a superadmin, I created a user and assigned them to the "Admin - Site 1" group.

When logged in with this user, my goal is to create a second user and assign them to the same group.

A few remarks:

• When I am on the /admin/users page, I have a query parameter site=site-one, which makes sense;
• As soon as I click on New User, this query parameter changes to site=site-default.

When I complete the user creation, I get a 403 - Forbidden error: User not authorized to edit content for this site.

It seems there is an issue with the context of my user when trying to create one. The only workaround to create a user is to have access to all sites (including the default site), which is not optimal if we want to allow a user group to create users within their own groups.

Craft CMS version

5.2.8

PHP version

8.2.19

Operating system and version

No response

Database type and version

No response

Image driver and version

No response

Installed plugins and versions