The Journal Manager's options editing user profiles in OJS 3

Hi
Following the General Data Protection Regulation (GDPR-EU), the journal manager’s rights in connection with user profile customization have been greatly limited, but I cannot fully find out what rules we are following in the new settings of OJS 3. They do not seem to be fully consistent.

As shown indirectly by the image below, the journal manager can make adjustments of the user’s profile. This applies to all those with the link ‘Merge Users’. Here the journal manager can edit the users profile and give them new roles and remove other roles. Can anyone tell me why those options still exist concerning some of the users while others seem to be protected against having their profile edited?

Best
Niels Erik

Those users only have roles in the JM’s journal. The users that the JM can not edit have roles in other journals as well. This is not something that came with the changes for GDPR but the way OJS3 has worked from the beginning.

For giving out roles there is an ongoing issue here: Allow journal managers to invite users to adopt a role · Issue #3022 · pkp/pkp-lib · GitHub

For editing user profiles, I think that only the site admin will end up having that permission. This is however purely my own view, not sure if this has been discussed somewhere.

Thank you so much for the answer.