Resource icon

Node and Permission Moderation Settings Explained

Floyd R Turbo

Well-known member
Floyd R Turbo submitted a new resource:

Moderation Node and Permission Settings Explained - Clarification on how these settings interact

I encountered some problems figuring this out, and read several threads that attempted to explain how it works but I still couldn't grasp it. Since I have a technical writing background, here is my way of explaining this so that it can only be interpreted one way.

These 2 options work together to achieve the desired effect, and there is no way around that - you have to consider BOTH options when changing one of them.

The Moderate all messages posted in this forum node setting...
Read more about this resource...


XenForo developer
Staff member
I need to clarify something, because unfortunately this guide isn't totally correct:
The key word is "not". In this specific instance, "not" reverses the rule, which is to Moderate, or Not to Moderate. This means that the Follow message moderation rules Permissions setting will reverse the Moderate all messages posted in this forum Node setting, if set to No (not set) (or Never) for that user/group.
The "Follow message moderation rules" option doesn't invert any value.

If the final value for that setting is yes (allow), then the settings from the forum/other content type will be applied. If you choose to moderate all messages in a forum, then the message will be moderated even if follow message moderation rules = yes.

If the final value for that setting is no (anything but allow), then this person's messages will always be moderated.

Here's the code that uses it:
       if ($viewingUser['user_id'] && XenForo_Permission::hasContentPermission($nodePermissions, 'approveUnapprove'))
            return 'visible';
        else if (XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'followModerationRules'))
            return (empty($forum['moderate_messages']) ? 'visible' : 'moderated');
            return 'moderated';
The rough translation is:
  • If the user can approve/unapprove posts, the message will be visible. (This is for moderators as they'd just approve their post anyway.)
  • Otherwise, if they follow the moderation rules, then the message will be visible unless the "moderate all messages" option in the forum is enabled.
  • In all other cases, the message is moderated. This case is only ever hit it follow moderation rules = no.
The wording of this permission is a question (and is/has been discussed elsewhere, so this isn't a place for it) but the key for all permissions is that they're always positive: a final yes value gives more permissions/freedom than a no value. The yes case here means follow whatever settings (which may mean moderation on an individual location basis) while the no case means always moderate (likely because the user is unconfirmed or problematic).
Last edited:
Is there any possibility to add a rule for specific usergroups in specific forums? For example I want registered users to be able to post on almost all forums, but until they reach a higher rank after having reached 100 posts, they should be moderated in specific forums (where we have much spam).

Floyd R Turbo

Well-known member
This is an individual node permission setting. Go into your ACP Node tree and click Permissions next to the node, and then select the user group that you want to modify. Here is where you see the additional Revoke permission.

To do what you wish to accomplish, that is best done by placing everyone in an initial user group such as Registered, then creating a second group called Validated or something like that, then setting a user group promotion to advance Registered users into the Validated group once they have made 100 posts. Then in the desired node, you revoke the Post New Thread and Post Replies setting for the Registered group, but leave it as No (Not Set) for the Verified group.

But now that I think about that...that may not work, I would have to test it. If someone is a member of both Registered and Verified, Registered would revoke the setting that Verified has. I think. I would have to play with this to figure this out.

To take full advantage of the Permissions system, one would have all registered users as part of the Registered group, then you add users to the higher priority group (which will inherit the lower gorups' Allows)

Floyd R Turbo

Well-known member

Node Permission Terminology and Priority
Node permissions follow a similar concept to user group and user permissions, but the terminology is a bit different. The permission value priority is: (highest priority first)

  1. Never – this does not grant the permission and cannot be overridden.
  2. Allow – this grants the permission.
  3. Revoke – this does not grant the permission, but can be overridden.
  4. Inherit – this takes the value from the parent. See below.
A value of never cannot be overridden, even in a child node. Use it sparingly.

The inherit value causes the value for that permission to be inherited from the parent node. If there is no parent node, then the value will come from the user group and user permissions.
Not sure how it can be overridden. If this means that if you Revoke a permission for a user group (Registered) and then Allow it for a higher priority group (Verified) based on the styling setting, then Verified users would be able to post even though they are still part of the Registered group.

EDIT: It works exactly like that
Hey Floyd, thanks for the fast answer! Unfortunately I see no setting for posts / threads being moderated for a specific group in a specific forum. When I revoke the "Post New Thread" and "Post Replies" for registered users, they can not even submit a post since they have no permission. However, I would like to give them the possibility to post, but it should go to moderation queue.
I am currently preparing to move from vB3.8 where we had a similar setup (without plugins) but I can't find it in XenForo.

Floyd R Turbo

Well-known member
Oh I get what you are asking now. I think that would require adding a "Follow message moderation rules" permission setting on the individual node permissions page. Which is actually a very good idea.
Thanks for your help, I have liked the suggestion thread, too! And I will try the current 1.4 beta, maybe there is already such a setting ;)


Active member
I just am not getting how to moderate one users posts...I want to moderate that user for the entire forum, but am missing how to do it :-(

Harpers Tate

Well-known member
If you look at the permission with the very badly worded description "Follow Message Moderation Rules" - either on an individual user (if there are very, very few of them) or - better - in a usergroup (use of these properly to establish permissions is a separate discussion).......

What this means in English (as far as I can phrase it) is

If set to "allow" then posts made by this user (group) will follow the setting (rule) for the forum/node; in other words, if the node is moderated then posts will be moderated; and if the node is not moderated then posts will not be moderated.

If set to "Not Set (No)" or "Never" then posts made by this user (group) will not follow the setting (rule) for the node and ALL posts made by this user (group) will be moderated.

So in your case, if the default for all members is that they can post freely in unmoderated boards, but you have need to occasionally restrict some users, you have to use (either at user level or in a secondary group) this permission and set it to "Never". Note that "Never" is never over-ridden by other settings elsewhere.

(Would it make more sense if this permission were labelled "Can post without moderation in unmoderated nodes" - Not set (no)/Allow/Never ??)

Floyd R Turbo

Well-known member
I just am not getting how to moderate one users posts...I want to moderate that user for the entire forum, but am missing how to do it :-(
Create a "naughty" user group with Follow Message Moderation Rules set to Never and place the problem user in that group. You can also set the permission for the individual user, but to me it's easier to avoid setting custom permissions for individual users. Easy with a small number of users, difficult with a large number of users.

Floyd R Turbo

Well-known member
The point of that thread was to suggest a change be made, one that is more intuitively obvious. If you read the whole thread, your suggestion of "Can post without moderation in unmoderated nodes" was actually suggested. To me, liking the OP doesn't necessarily mean you would like to to be precisely that - it means you like the intention of the suggestion, and KMA would I'm sure take into account the evolution of the suggestion, especially if the OP of the thread posts a revision to the OP later in the thread.


Active member
Thanks @Harpers Tate and @Floyd R Turbo - I created a naughty users group :) And put that person in it...BUT...this definitely needs to be have the phrase so everyone understands what it means and to be able to moderate individual users should be a given.

I have about 2100 users, so not sure whether that is considered large or small, but I have not had to moderate before...hence, the reason I had to ask so many questions ;) Appreciate all your input!


Well-known member
to be able to moderate individual users should be a given.
You moderate individual users - ACP > Users > User Permissions. Personally I think the 'naughty group' method is better as you can quickly add and remove users to a group that is already set up rather than have to change the permissions for each user individually.