XF 1.2 Copy user groups

[ld762]

I need to create new user groups. It's a pain in the butt to manually creating and setting permissions to each one.

Is there away to copy permission of say Registered Users and then tweak the permissions as needed?

I can create the groups through the backend database but not sure how they are linked to the permission since all data is in BLOG objects.

 

[Jeremy]

There is no method. Tweaking permissions should be done via secondary user groups. This resource should be helpful:
http://xenforo.com/community/resources/implementing-permissions-across-multiple-user-groups.358/

 

[ld762]

So from that post, I understand how the permissions work.
The challenge still remains as I need to create more user groups based on (a copy of) another user group. Maybe I just have to work it out mannually.

Would this be a good candidate for a future enhancement? I think it would be very benificial to have the new group mimic that of Registered Users instead of having no permissions at all.

 

[Jeremy]

You shouldn't be changing the primary user group, rather adding a secondary group. Meaning, you can add or modify permissions.

 

[Martok]

There should be no need to have two identical groups in Xenforo (i.e. Registered and one mimicking it) as you are suggesting. There should be just the one group needed for this. If you are using the second group to give access to some forums that the Registered group don't have access to, then you would simply create a secondary group with no additional permissions and add that to the relevent users. You then Revoke access to certain nodes for the Registered group and Allow it for the additional group.

As for additional permissions, again as Jeremy says, just put the additional permissions in the secondary groups (no need to replicate any of the permissions from the Registered group) and add the secondary group to the relevant members.

Once you get your head around this, it really makes a lot of sense and is a heck of a lot easier than messing around with single primary groups with very similar/identical permissions.

 

[Harpers Tate]

I agree with the others. You should avoid duplicating any permissions across UserGroups as far as possible. You set your base (everyone has this) permissions to the Registered group and then create several additional groups. You apply permissions to these incrementally, and put users in to one or many secondary groups as required. Permissions are additive.

Fairly simple example:

Suppose you have members, Moderators, Super Moderators and Administrators, with incremental permissions in that order.

A member is a member - "registered". You allocate a base set of permissions. Everybody has these.
A Moderator is in BOTH the primary "registered" group (so has those "registered" permissions) and a secondary Moderator group. Only the relevant extra permissions are allocated to the Moderator group. But system works such that the person gets both sets combined.
A Super Moderator is in ALL OF (primary) registered, plus (secondary) Moderator, and Super Moderator. Only the relevant extra permissions (over and above Moderator PLUS registered) are allocated to the Super Moderator group. The system works such that the person gets all three sets combined.
An Administrator is in ALL OF (primary) registered, plus (secondary) Moderator, Super Moderator and Administrator. Only the relevant extra permissions (over and above Super Moderator plus Moderator PLUS registered) are allocated to the Administrator group. The system works such that the person gets all four sets combined.

So it's a linear, incremental hierarchy.

Main benefit of this approach (example); suppose you install a new add-on with some permissions that need setting.
If you want everyone to have a permission, you give it only to Registered. Because everybody is "registered", it will apply to everybody.
Suppose you want Moderators and up to have it - give it only to Moderators. It will inherit upwards.
If you want Super and Admin to have it - give it to Supers
And if it's limited to Admin - give it just to Admin.

You don't have to limit it to one linerar hierarchy; you can have as many as you need. But the point is, at the "bottom" of each hierarchy you have "registered" which has the common set of permissions that applies to everybody. And then you add to these by creating,, and assigning members to, secondary group where ONLY the extra (or, indeed, revoked) permissions are set. Thus you never need to copy anything.

 

[ld762]

I think it's all clear to me now. Additional groups should not have permissions that base group already has.
That should make it a lot easier then.

Much appreciate you guys taking the time to explain this.