XF 1.5 Lost access by a staffie

[grit]

Recently, we made a supermod of a member (all our mods are super, figuratively and actually) but somehow he's lost access to two subforums. I've tried all the tricks I can think of short of demoting and starting over. He can see all moderator functions, just cannot see those two subforums. I add, both of those subforums are restricted to registered members, and he was able to see them before promotion. A clue, please.

 

[KawaiiHannah]

CHeck to make sure they have premission to view those two sections if you made custom permissions

 

[grit]

CHeck to make sure they have premission to view those two sections if you made custom permissions

Thanx for the reply. All mods have the same permissions across the forum as near as I can tell. The mystifying part is that his access to those two sections disappeared at the same time he was promoted. Then again, it is easy to mystify me as I blunder thru the ACP.

 

[KawaiiHannah]

Thanx for the reply. All mods have the same permissions across the forum as near as I can tell. The mystifying part is that his access to those two sections disappeared at the same time he was promoted. Then again, it is easy to mystify me as I blunder thru the ACP.

That's strange I'll let a better Member answer me I know that's what happens maybe try forcing all premission to ALLOW not inherit

 

[Mike]

You should try the permission analyzer for this user for those specific forums. It should give you an indication where the permissions are coming from.

 

[grit]

Thanks, Mike. Will try that right now.

 

[grit]

BINGO!! Somehow those two nodes have been taken out of his access. Now, for another green hand question, how does one turn those "nos" into "yesses."

There's a LOT of scoop I have yet to figure out. Whew!!

For some reason, checking the secondary user group for him won't hold thru a save. Is that related to the access permissions?

 

[grit]

BINGO!! Somehow those two nodes have been taken out of his access. Now, for another green hand question, how does one turn those "nos" into "yesses."

There's a LOT of scoop I have yet to figure out. Whew!!

For some reason, checking the secondary user group for him won't hold thru a save. Is that related to the access permissions?

ETA: Rats. Overran the edit timeout.
@Mike or anyone that can point me in the right direction. The way we are structured, I don't have access to the software in code form, just via the ACP. At this point, it might be worth demoting him then re-promoting him and see if the node permissions carry forward. To my mind that looks drastic if there's a better way.
No hurry with this, but we do need the new mod fully functional. We've lost one to a skirt, and another is seriously ill.

 

[Mike]

Can you show a screenshot of the permission analysis for that user? I presume it's the "View node" permission we're interested in, so make sure that has its details expanded.

 

[grit]

Jeez, man, take a holiday off, will ya? After all, it's Labor Day, even if you are across the pond. (But thanx.)

By now, you've figured out I ain't exactly fully computer literate. The screen shot was a total fail, so was a copy/paste of the contents of the node analysis (too big to post.) So here is what showed up at the top of the node analysis. The "no" is what I think I need to change to "yes" to match the permissions of the rest of the mods. There is another node that has the same problem, other than that, all the rest of the node permissions match up correctly.





Analyze Permissions

This tool allows you to analyze the individual components that make up a permission set for a user. It is particularly useful for determining why a permission is not being applied as you expect.

View node:
No (Details)

+++++++++++++++++++++++++++++++

Expanded the details, here
View node
Global Permission Values
Moderators:Allow
Registered (Full):Not Set (No)
Content Permission Values
(node name) - Content-Wide:Revoke
Final Value (Content):No

 

[Mike]

It looks to me like you've made "(node name)" a private node. That means no one has access to it unless you explicitly grant access. Based on that, none of the groups the user is in have been granted access. You would need to go into the node permissions and set "view node" to allow for the groups you want to access it.

 

[grit]

(node name) was substituted for the actual node designation, done after c&p into the drafted post. Hm (scratching bald spot). It is private in the sense that membership is required to view that and the other node that is giving me/him trouble. As a regular member, the new staffie could see it and did post to it before promotion.

 

[Mike]

It looks like "private node" option has been selected for that node (in the node permissions). Is that not the case? If it is, what groups have you given access to?

 

[grit]

It looks like "private node" option has been selected for that node (in the node permissions). Is that not the case? If it is, what groups have you given access to?

That is the case. All registered members have access to that node. Guests do not. In that sense, it is private. Please bear in mind that the original setup of the forum was done by the site owner, who has chosen to absent himself recently (there are forest fires in his AO, even if he hasn't had other reasons.) I'm trying to figure out what and how as I go along.

 

[Mike]

Can you give the specific group name(s) that have access to the forum and the list of groups this moderator is in? Based on the results, I'm pretty sure the moderator is in "Moderators" and "Registered (Full)" only.

 

[grit]

The moderator in question is as you surmise, primary usergroup "moderators" and the secondary usergroup "registered (full)." All the rest of the mods are also in the secondary usergroup of "moderators." (Also "display as staff" is ticked and works properly.)
(For some reason, ticking the moderators box in secondary usergroup of mods will not save for him.)

If I understand your question re: groups that have access to the nodes, it is "registered."

Parenthetically, "registered(full)" has the same access.

 

[Floyd R Turbo]

You should really only have one primary usergroup, that being "registered" where everyone with a confirmed account has a base set of permissions.

Anyone who has registered but has not confirmed their account will be in the "unconfirmed" primary group, which automatically limits their permissions.

You should not have anyone with a Primary group other than Unconfirmed or Registered.

Any other group assignments should be as secondary groups. If you don't do that, then you're not really using the permissions system as it's intended to be used, and this can mean anyone who tries to help you troubleshoot this is coming at this from a completely different angle.

You can hamstring the permissions system if you want to, but you need to be clear that you have done so.

The permissions system is powerful but also not intuitively obvious, so let's take this one step at a time.

Do a series of "search for users" via ACP and search only by "primary user group" and go through each usergroup and see if you have anyone with anything other than Registered or Unconfirmed as their primary group. Let's start there.

 

[Martok]

You should really only have one primary usergroup, that being "registered" where everyone with a confirmed account has a base set of permissions.

Indeed and there is an official guide to implementing permissions across multiple usergroups (with all users having Registered as their primary user group) here:

https://xenforo.com/community/resources/implementing-permissions-across-multiple-user-groups.358/

 

[grit]

You should really only have one primary usergroup, that being "registered" where everyone with a confirmed account has a base set of permissions.
As noted, the original setup was done by another. I believe that "registered" indeed has a base set.

Any other group assignments should be as secondary groups. If you don't do that, then you're not really using the permissions system as it's intended to be used, and this can mean anyone who tries to help you troubleshoot this is coming at this from a completely different angle.
Understood. The angle of approach is part of this, I'm coming in on an unknown heading

You can hamstring the permissions system if you want to, but you need to be clear that you have done so.
I get that. To this green hand, the permission system remains mysterious. And again, I'm coming late to the party. For one thing, all I have done thus far is try to promote a member to mod, which worked except that his access to two nodes vanished. I do NOT think that the original setup deviated from standard as far as permissions goes.

Do a series of "search for users" via ACP and search only by "primary user group" and go through each usergroup and see if you have anyone with anything other than Registered or Unconfirmed as their primary group. Let's start there.

OK, did that search on all of the 18 of the user groups in the dropdown menu (a goodly number of those are unique to the site, very special cases if I understand all I know.) Used the default choices for the searches. I was NOT ready for the results, all that came up was "No users matched the specified criteria." except for the search on "moderators" where the new mod in question popped up and no others.

 

[Floyd R Turbo]

Make sure you don't have a username entered into the "all users" search field before you do the search - that gets "stuck" and will narrow the results down to only that user. So just blank out that field first on the "all users" field then go to "search for users"

You should get a list of all users when you search for "registered".

It appears the mod was placed into that group as a primary group. Change him to "registered" primary then use the "moderators" link then add a mod.