As designed Checking user permission through ACP

Moshe1010

Moshe1010

Well-known member
I will try to explain it as best as I can, but I hope this is not a local bug in my system.
This is my setup:

1. A node that is available only for people who purchased an upgrade. Users can only see/post in their own thread.
2. These people have special user group that they put into when they upgrade their account. This user group have the forum permissions to view only their own threads, post their, etc`.
3. When trying to check their permissions through ACP, I can't see a thread that they've created in that forum.
4. When logging into their account (with username and password, as usual), I do see their own thread.
 
I'll take a stab at this... but... it sounds like you're expecting Check Their Permissions to work as "log in as user", which it doesn't. Technically if you test a users permissions and go to that node where you have it setup, by having that users permissions you'd essentially only see your threads, because you have those certain permissions.

If I'm understanding your report correctly that is :D
 
If it's how you say it is, I don't get this feature then. "log in as user" gives me the ability to post as the user and reading her or his PC. Permission test should give me the ability to test if this user can see other threads or just its own at a specific node because it's a permission related issue. If I put this user at a different user group and test his permissions through the ACP, I can't see this node anymore since it's only visible to one user group. Thus, I can't see how having the ability to see your own thread only and not others is different on that matter.

When you say "you'd essentially only see your threads", do you mean my original user threads or my dummy test user threads? If it's the original user threads, then why do I need the test permission feature and why I put there a username for testing?
 
Last edited:
So... first off there is no log in as user function, I know there's a plugin out there for it. With my first reply I was more stating I think you were expecting the functionality of the Check User Permissions to work as if you're logging in as the user, that's not that case.

For instance on my forum I have a node called Support Tickets, permissions are setup so say my "customers" usergroup can post new threads and only view their own threads.

If I run Check User Permission when logged in as "Russ" on a user who's in the "customers" user group say his name is "Joe" and browse to that node I would of course be able to see in the node but only view my active threads(my as in me logged in as "Russ"). Even though I'm checking Joe's user permissions I'm not signed in as Joe therefore wouldn't see his threads. Check User Permission is just an easy functionality to browse around the nodes / plugins to see what they have access too, not their specific content necessarily.
 
Russ said:
So... first off there is no log in as user function, I know there's a plugin out there for it. With my first reply I was more stating I think you were expecting the functionality of the Check User Permissions to work as if you're logging in as the user, that's not that case.

For instance on my forum I have a node called Support Tickets, permissions are setup so say my "customers" usergroup can post new threads and only view their own threads.

If I run Check User Permission when logged in as "Russ" on a user who's in the "customers" user group say his name is "Joe" and browse to that node I would of course be able to see in the node but only view my active threads(my as in me logged in as "Russ"). Even though I'm checking Joe's user permissions I'm not signed in as Joe therefore wouldn't see his threads. Check User Permission is just an easy functionality to browse around the nodes / plugins to see what they have access too, not their specific content necessarily.
Click to expand...

So let's make it clear, Check User Permissions through ACP can give me the ability to test if a user has the ability to access/see a node, but doesn't have the functionality to test other permissions like user's content (for example watching only it own threads)? Where is the logic here?
I think I got it basically. It works in reverse to "log in as user" plugin you were talking about. It takes the permissions of this specific user and forces your own user to use these permissions. Then yes, it's not a bug, sorry.
 
Moshe1010 said:
I think I got it basically. It works in reverse to "log in as user" plugin you were talking about. It takes the permissions of this specific user and forces your own user to use these permissions. Then yes, it's not a bug, sorry.
Click to expand...
That is indeed exactly how it works. :)
 

Similar threads

woody
  • Question Question
XF 2.2 Rejected member approval issue
Replies
8
Views
378
woody
woody
N
  • Question Question
XF 2.2 "Your full account details are not currently editable."
Replies
0
Views
145
Newsman
N
Mouth
  • Question Question
XF 2.2 Lost password log - how frequently is the lost password form being triggered?
Replies
0
Views
118
Mouth
Mouth
JamesBrown
  • Question Question
XF 2.2 Show thread title but not it's content in What's New
Replies
1
Views
201
Mr Lucky
Mr Lucky
P
  • Question Question
XF 2.2 How to use Upgrade Users correctly
Replies
2
Views
291
Paul B
Paul B
Top Bottom