Bug: Change group restriction

[saloynton]

You are allowed to move to group if you do not own the data.
This can allow you to move data as a user to a group you do not belong to.

Change group also allows a user not be able to have the edit options once moved into orphaned images. This means that you cannot cut the image into a new group.
i.e logged in a user-6 and you can move an image from a user-3 read-only group to read-annotate group and then not have access to edit the image.

Rogers additional description and instances of this

• As user-6, I can move the data of user-2 in the private-1 group to groups which user-2 is not a member of (e.g. read-write-1). Effectively, the data vanishes and is inaccessible to both user-2 and user-6. Suggestion: restrict group list of the intersection of groups which user owning the moved file(s) belongs to.

• As user-6, I can move the data of user-2 in the private-1 group to groups which user-2 is not a member of (e.g. read-write-1). However, this results in an exception. Suggestion: restrict group list of the intersection of groups which user owning the moved file(s) belongs to.

• The general consciences is to restrict group list of the intersection of groups which user owning the moved file(s) belongs to.

[wmoore]

This is covered in #8974. In 4.4, web will only allow the data owner to chgrp their data, Insight will also allow Admin to move data, but only to groups where the data-owner is a member. Insight also allows you to choose P/D to move to, so that should cover the other 'orphaned' issue.