Has anyone noticed that the new release of functionality for Access Requests (where you can now pick the site Owners group to receive the email requests - excellent!) does not add the users to your site's default group anymore.

Instead it adds the user directly to the site, not in any group.

Im not sure how I feel about this - its a bit scary to think the idea is we have lots of users having permissions set directly.

Is this expected behaviour? If so, what do you guys think about this - is this what you want?

Thanks

Nigel