Quick Usergroup Change?


Kahoona
06-23-2008, 10:24 PM
Is there a mod that skips the admin login for user editing and just allows me to change someone's usergroup right on their profile?

Marco van Herwaarden
06-24-2008, 10:07 AM
Have never seen one, and I would never suggest installing such a modification as it reduces the level of security.

GotWalked
02-19-2009, 12:31 AM
I would like this, and how would it reduce security? I'm an undeletable user, and have nothing to worry about.

DragonBlade
02-19-2009, 01:17 AM
I'd like to know how it would reduce security as well, no matter if one is an undeletable user or not...

I mean, where's the risk in having a modification that would check to see if someone is in the Admin group (or groups, if a forum has more than one) and display on the member profile page an option to change a user's usergroup?

Marco van Herwaarden
02-19-2009, 09:39 AM
Skipping a login intended to block out unwanted users from accessing potentially harmful actions?

You are asking me how this is decreasing the level of security?

DragonBlade
02-19-2009, 02:00 PM
Well, yeah, I am. O.o

Skipping a login to change someone's usergroup based on the current user's usergroup... It just seems that if someone was able to somehow spoof their usergroup in the first place, what would the additional check exactly do to prevent this?

Marco van Herwaarden
02-19-2009, 02:29 PM
That is not what he is asking. He wants an admin to be able to change anyone's usergroup from the profile without an additional AdminCP session login.

DragonBlade
02-19-2009, 02:39 PM
Yes, that's what I'm wondering, too.

Let me clarify, though, I'm not trying to argue--I just would like to program some simple modifications that might emulate some AdminCP tasks. I would like to know, "hey, what extra protection exactly is offered by logging in through AdminCP to do this, and why can't I simply check a user's usergroup instead?"

It's not this specific modification I'm talking about (I really don't see much need for it), but some others. For example, I'm in the middle of programming a "Shoppe" of sorts, and one of the tasks it does (when a certain item bought is activated) is add a person to a usergroup with a larger PM inbox size. Another item adds a user to a group with a larger avatar limit.

I would like to know how my code is insecure with this, so that I can make needed adjustments.

Dismounted
02-20-2009, 04:18 AM
As long as it is the script doing this (without user input into the usergroup, Admin CP options are an exception), it should be fine.

Marco van Herwaarden
02-20-2009, 09:04 AM
Let me clarify, though, I'm not trying to argue--I just would like to program some simple modifications that might emulate some AdminCP tasks. I would like to know, "hey, what extra protection exactly is offered by logging in through AdminCP to do this, and why can't I simply check a user's usergroup instead?"

The front-end login can be saved (and often will be) and re-used at a later stage. This could lead to a user with bad intentions obtaining an admin session to the forums without the need to log in or know the password. By requiring an extra login before performing any admin actions, we ensure that the person does know the admin password. This also (to some extent) protects against malformed links intended to trick an admin to click and unwillingly perform staff actions.
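
The two protections described in the last post (a password re-entry that a saved front-end login cannot satisfy, and a defence against crafted links), shown as an added PHP example that is not from the thread and is not vBulletin's own code. All function names, session keys, the group id and the 15-minute timeout are assumptions.

```php
<?php
// Added example: hypothetical names throughout, not vBulletin's API.
const ADMIN_GROUP_ID = 6;        // assumed id of the admin usergroup
const ADMIN_IDLE_TIMEOUT = 900;  // assumed: admin session lapses after 15 idle minutes

// Step-up login: only a correct password opens the separate admin session.
function admin_reauth(array &$session, string $password, string $storedHash, int $now): bool
{
    if (!password_verify($password, $storedHash)) {
        return false;
    }
    $session['admin_seen_at'] = $now;
    $session['admin_token'] = bin2hex(random_bytes(16)); // per-session anti-CSRF token
    return true;
}

// Returns 'ok' or the reason the request was refused.
function change_usergroup(array &$session, array $post, int $now): string
{
    // Check 1: the usergroup test the profile-page modification would rely on.
    if (($session['usergroupid'] ?? 0) !== ADMIN_GROUP_ID) {
        return 'not an admin';
    }
    // Check 2: a saved front-end login is not enough; the password must be recent.
    $seen = $session['admin_seen_at'] ?? null;
    if ($seen === null || $now - $seen > ADMIN_IDLE_TIMEOUT) {
        unset($session['admin_seen_at'], $session['admin_token']);
        return 'admin login required';
    }
    // Check 3: a crafted link or form cannot know the session's token.
    $token = $post['token'] ?? '';
    if (!is_string($token) || !hash_equals($session['admin_token'], $token)) {
        return 'bad token';
    }
    $session['admin_seen_at'] = $now;
    // ... the actual usergroup update would go here ...
    return 'ok';
}

// Constructed demo: an admin's session restored from a saved front-end login.
$hash = password_hash('correct horse', PASSWORD_DEFAULT);
$session = ['userid' => 1, 'usergroupid' => ADMIN_GROUP_ID];
$now = 1000000;
echo change_usergroup($session, ['userid' => 42, 'group' => 2], $now), "\n";
admin_reauth($session, 'correct horse', $hash, $now);
echo change_usergroup($session, ['userid' => 42, 'group' => 2], $now + 60), "\n";
$post = ['userid' => 42, 'group' => 2, 'token' => $session['admin_token']];
echo change_usergroup($session, $post, $now + 120), "\n";
echo change_usergroup($session, $post, $now + 120 + 901), "\n";
```

The four demo calls cover, in order: a saved login with no password re-entry, a re-authenticated request missing the token, a complete request, and the same request after the admin session has idled past the timeout.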