Better way of assigning admin priviledges
Our current way of assigning admin priviledges is flawed when using multiple providers in the the same config repo, like we do with the bitmask
repo.
Somebody wants to be admin for one domain, but currently, admins can only get assigned for on a global level for all domains.
On another domain, an attacker could now register the same name and get admin privs.
Like this: leap_mx#8665 (comment 124717)
A better way would be to bootstrap a single initial admin account that could than assign admin privs to registered users from the webapp itself.