Issue with frontend plans management and Joomla Groups Plugins

Hi Tuan

In my testing phase I discovered a very unfortunate configuration dilemma that can create a great security issue, that I hope you will address somehow.

When Membership Pro Front-end subscription manage is ON + PLG_OSMEMBERSHIP_JOOMLA_GROUPS_SETTINGS is ON, then users that subscribe can be added to Superuser joomla group (and other high-level user group levels) in the subscription manage settings in front-end under PLG_OSMEMBERSHIP_JOOMLA_GROUPS_SETTINGS Tab.

I really like the front-end subscription management feature AND the Joomla user group setting feature. These are essential to my site concept where clubs can create and manage their subscriptions. So I really hope that this issue can be sorted out some way.

Suggestion for fix:
- Create a possibility In back-end MP configuration where it is possible to select the Joomla User groups that should be visible/selectable in front-end PLG_OSMEMBERSHIP_JOOMLA_GROUPS_SETTINGS tab.
- Another way to handle this issue (Better for my use cases) could be to add a setting in MP category where you select the Joomla user groups that can be added in PLG_OSMEMBERSHIP_JOOMLA_GROUPS_SETTINGS front-end for plans in that category. This would be the perfect solution from my point of view.

- It would also be very useful for creating a clean and user-friendly UI in the front-end if there were a "Show on Front-end" button on Membership Pro plugins just as there is on Event booking plugins.

I hope you have understanding for this unfortunate configuration dilemma and I would love to help out with feedback and testing for solutions.

Thanks. That makes sense and I have just worked on it. Basically, two things were added:

- Add Show On Frontend Management to all these plugins. By default, it's No, that mean these plugins are not available on frontend plans management
- Added a parameter called Exclude User Groups to allows you to exclude the groups you want in frontend plan management

If you want, you can submit a support ticket so that I can send the updated package to you for testing before I include it into next release of the extension

Regards,

Tuan

Wauv .. that was fast Tuan

These two solutions sounds like the right medicine, I will gladly help test them.
ill write a support ticket.

I am really impressed yet again Tuan.

Your service level is so good and the way you listing and collaborate with your customers is the reason why Membershiå Pro and Events Booking has become excellent products that never stops evolving.

A big thanks to you and your team for your great work.