XF 2.2 Allow only specific usergroup to post new thread?

zackw

New member
I know this is possible, I'm just wondering if I'm doing it right, or the best way.

We have created custom thread fields which are usable on a specific node. We also created a usergroup who is allowed to use these custom thread fields.
Next we want to make sure only this usergroup can post threads in this node in the first place. Basically only a certain usergroup can create threads, and use the custom fields when doing so.

I figure I would do this from the Node Permissions screen.
The problem is, it seems that I have to edit the permissions for ALL usergroups to deny them ability to create threads. In my case we don't have a lot of usergroups so this is not that big of a deal. But on another forum I work with, they have dozens of usergroups, so it seems like too much work to have to explicitly edit the permission of every single group one by one just so that I can have one group allowed to create threads there.

All I'm asking is if there is some easier way to make sure only specific usergroups can create new threads within a specific forum node, perhaps without having to edit every group one by one.


edit: Further, if new usergroups are created some day, it seems to me they would automatically have the ability to create threads unless I remember to go in the node permissions and explicitly deny them. This is also too much work, I'm sure we'd forget. Or perhaps we have a lot of nodes setup like this and don't want to adjust 100 items every time we create a new group. Hopefully there is an easier way!

I also though about setting the forum to private mode, but even here I'd still have to edit every group explicitly to allow them back in again. And the same issue applies when new groups are created, I have to remember to adjust them on every "special" node we have.
 

imno007

Well-known member
Assuming all members are in your "Registered" group, probably easiest to make the node private and then give the Registered group the usual permissions minus the ability to create threads. Then edit the second group with permissions to create threads.
 

zackw

New member
Assuming all members are in your "Registered" group, probably easiest to make the node private and then give the Registered group the usual permissions minus the ability to create threads. Then edit the second group with permissions to create threads.

What is the "usual permissions"?
I could probably guess, but it's kind of confusing. When I edit node permissions, all the defaults say "inherit". But inherit from what? Is there a base node permission set somewhere? Or is it inheriting from group permissions or user permissions?
If it inherits from group permissions, does that mean group permissions override node permissions, or do they combine?

Also not sure how your technique works with users in multiple groups. Like say an admin, who is also a registered user. If I remove the permission to post a thread from Registered group, but add this permission in my new group, it would naturally prevent admins and mods from creating threads too, I would think. So I'm back to having to edit many groups.

Regardless I'll try that technique, but if anyone has other suggestions, I'll take it!
 

imno007

Well-known member
You only have to allow View and disallow Post new threads, the rest will be inherited from your Registered group permissions

ALL your users should be in the Registered group, regardless of whatever other groups they might belong to. That's why you only have to edit the one group when setting the node to private - well, also the group(s) you want to allow to post threads.
 
Last edited:

imno007

Well-known member
If I remove the permission to post a thread from Registered group, but add this permission in my new group, it would naturally prevent admins and mods from creating threads too, I would think. So I'm back to having to edit many groups.
I didn't address this initially, but for your admins and mods, if you want them to have all the usual privileges they have with other nodes, literally all you would have to do is set the "View node" permission to Yes for each group.
 

nicodak

Well-known member
Like say an admin, who is also a registered user
Primary group permissions take precedence over secondary groups.

if you created a forum with specific permissions compared to all the others then yes you will have to edit the permissions of each usergroup for that forum. It can get long with a lot of usergroups but that's the admin's job, that's how it is.
 
Last edited:

Brogan

XenForo moderator
Staff member
Primary group permissions take precedence over secondary groups.
Nope.

Permissions are cumulative.


 

zackw

New member
Nope.

Permissions are cumulative.

Might I ask, what is the purpose of having a primary group then? Maybe it serves some other purposes but if not for permissions, what?

As for setting the node to private, I'm sure this has other ramifications than simply blocking viewing and posting right?
In other words, if I set the node to private, do I need to do anything more than simply turn on the view and post permissions? Seems like perhaps more stuff would have to be done. I don't know exactly what private mode changes.
 

Mr Lucky

Well-known member
Might I ask, what is the purpose of having a primary group then? Maybe it serves some other purposes but if not for permissions, what?
But it is for permissions. It sets the permissions at the lowest most basic level (most people probably use this for new members or those who haven’t chosen to upgrade)

Then secondary group permissions add to those underlying primary permissions and we use them to give added privileges or access to members who haven proven their legitimacy or values. Or have paid.

The most obvious example being new users get moderated. After a post or two that proves they are legit, their posts then go through without the need for manual approval.
 

imno007

Well-known member
As for setting the node to private, I'm sure this has other ramifications than simply blocking viewing and posting right?
In other words, if I set the node to private, do I need to do anything more than simply turn on the view and post permissions? Seems like perhaps more stuff would have to be done. I don't know exactly what private mode changes.

When you set a node to private, no one in any group, including administrative, will be able to view the node. Create a temporary/test node and try it. As soon as you turn on the "View node" for a particular group, everything else for that group is the same, meaning it will have all the privileges it does on every other node. Then you only have to edit what privileges you do or don't want a group to have for that one specific node.

You should just create a test account, set a test node to private, and then investigate the node as you change the group settings on the test account and the group privileges on the node.
 
Last edited:

zackw

New member
Thanks all.

Last question, do the permissions flow down to the sub-forums? Can I set the private forum and user permissions and everything just on the top-level node?
 

zackw

New member
Ok I should have just tested and looked around. I found in the docs that if they can't view a parent node, they won't be able to view children no matter what. That makes sense.

I just tested setting a forum to private. Then I added View ability only, for Registered user group. I want everybody able to browse the forums, just only one group who can post.
However, as an admin, I was still able to post a thread. So still trying to figure out how best to set it up.
 
Top