XF 1.2 Forums with limited permissions

flynnibus

flynnibus

Member
I know this is a common topic - but I can not figure out what the real intention of the design is here.

My user groups are basically like this..
- unregistered
- registered
- special promotion groups
- some restricted access groups (penalty box, limited access, etc)

All users are members of registered, and I add them to special promotion groups when those users pick-up new permissions to other nodes.

The user groups are setup so that registered users are granted the baseline permissions all users would expect.. posting, viewing, etc.

Normally I would expect to make the permission changes at the node level. Normally I'd like to treat all forums as the default level.. and either remove some permissions or grant new ones based on the groups.

My problem is because all users are members of 'registered users' - I have a very hard time making the forums how I need.

Specifically if I want to make a forum specific to only a certain group - I must mark it 'Private' and then give specific permissions to the group in question.

That works if I want ONLY that group to have permissions.

But if I want a forum everyone has the ability to read.. but only certain users to post.. I can't make it work out. My default is to have a special access group, and grant them permissions via 'allow' on the node to that user group.

But because I want to reduce the permissions of the general population, I use 'revoke' on the posting permissions of the group 'registered users'. I change the permissions on the node for the special access group to 'allow' for posting permissions. But because everyone is a member of 'registered users', even the special access users, the revoke on 'registered users' overrides the 'allow' permission granted by the special access group

If posting permissions are granted to 'registered users' - a group everyone is a member of.. how can I remove that permission while NOT removing it for everyone?

Either groups shouldn't be layered.. which obviously isn't the design given primary and secondary groups..
or
Permissions really shouldn't be granted to user groups like 'registered users'.

Can someone please paint a picture of how this should be setup?
 
Sort by date Sort by votes
Maybe it's a bug?

The user in question is part of 'registered users' which is set to revoke on this node. The user is also part of a second user group which has 'allow' set for the node. According to the manual, 'revoke' can be overridden. And my expectation is the 'allow' in the second user group should allow the permission.

If I use the analyze permissions tool... it says the user account should be able post. The user actually has 'yes' for all the permissions listed in the analyze permissions tool for the node in question.

But if I use 'test permissions' and use the simulation of the user... they can't post in the forum.

So the analyze permissions and test permissions do not agree about the same user on the same node.
 
Upvote 0 Downvote
According to this...
http://xenforo.com/community/resources/understanding-permissions.360/

Allow + Revoke = Overall Yes

Only an explicit Allow (as opposed to an inherited Allow) can override a Revoke. A Revoke is designed to trump inherited access and reduce a user's permissions unless you explicitly Allow (no inheritance) that permission elsewhere in the Node Permissions (e.g. for one of the user's other groups).
Click to expand...

the last sentance is exactly what I'm trying to do. The user is a member of two groups.. Group one has a revoke set on the node, but Group two has an Allow.

I don't think the forum is actually working right if these allow/revoke are from multiple group memberships and being applied on the same node level.
 
Upvote 0 Downvote
As I said, your set up should be working. If you send me information I will look into it. Alternatively, you can use the analyze permissions tool to determine a root cause.
 
Upvote 0 Downvote
Jeremy said:
As I said, your set up should be working. If you send me information I will look into it. Alternatively, you can use the analyze permissions tool to determine a root cause.
Click to expand...

As I said in my earlier post..

If I use the analyze permissions tool... it says the user account should be able post. The user actually has 'yes' for all the permissions listed in the analyze permissions tool for the node in question.

But if I use 'test permissions' and use the simulation of the user... they can't post in the forum.
Click to expand...

I also tried with a dummy user because the test and analyze permissions tools were in disgreement.. and the dummy user follows the 'test permissions' result. No posting.

So.. like I said.. analyze permissions is not matching what the forum actually allows for the user.

I've opened a support case now because this is not adding up
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

E
  • Question Question
XF 2.2 How to make all registered users reply like unregistered w/ reply permissions?
Replies
10
Views
355
EchoRomeo
E
L
  • Question Question
bug on the second user group permission
Replies
10
Views
789
Black Tiger
Black Tiger
P2PLeon82
Forum not showing
Replies
11
Views
461
Opus X
Opus X
Ozzy47
XF 2.3 Collapse Permissions
Replies
2
Views
169
Jeremy P
Jeremy P
C
  • Question Question
XF 2.2 Node permissions
Replies
3
Views
437
Stuart Wright
Stuart Wright
Top Bottom