• all users need an extra authorization to see their group members, so that currently a user cannot delegate a user task to another group member
• only the admin-user, which have all permissions, see his group members

-> the desired behavior would be that whenever a user will be added to a group, he should get automatically a read permission to see his group members (which would imply that a user can read his group members in the admin app too)