1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

As Designed Issue with 'Test Permissions' in AdminCP

Discussion in 'Resolved Bug Reports' started by psTubble27, May 16, 2013.

  1. psTubble27

    psTubble27 Well-Known Member

    When you use the "test permissions" in AdminCP, it doesn't apply entirely correct permissions. It may be actually applying some permissions from the administrator who is testing that user.

    To test, suppose you have the following structure:

    Category A
    +--Forum1 (private)
    ... +--Forum2 (private)

    Forums 1 and 2 are hidden by default, and 2 is a subforum in 1.

    You want a user group to see all contents of Forum2, but not of Forum1. So, for Forum1 you leave all permissions at Inherit, but set 'view threads of others' and 'start your own thread' to Revoke. Then for Forum2 you leave all settings at Inherit, and set those two settings to Allow. Then you're done and assign this group to a User (no other no other custom settings or usergroups are assigned).

    If you login with that user, the result is as intended: in Forum1 all threads are invisible, but when you enter Forum2 all threads there are visible and open for interaction to you.

    But if you view the user via "Test Permissions" (without logging in as him), the contents of Forum1 are entirely visible to you when they shouldn't. This makes me think some administrator permissions seep in.
  2. Jeremy

    Jeremy Well-Known Member

  3. Mike

    Mike XenForo Developer Staff Member

    I'm assuming the threads in forum 1 are by the admin? If so, test permissions applies the permissions to you, so you would still be able to see your own threads. (Equally, you can't see the other person's conversations, etc.)
  4. psTubble27

    psTubble27 Well-Known Member

    So, if a user cannot see forum1 threads when they log on, but 'test permissions -> user' does allow you to see those threads, that's a correct behavior? Shouldn't 'test permissions' show you exactly what permissions the user does and doesn't have?

Share This Page