XF 1.5 Suspected Template Modification or Permissions Issue for Custom Add-On (stuck)

Live Free

Active member
Hey guys,

I’m seeking help regarding what I believe to be a template modifications issue, but may be something else.

I have a custom add-on that applies per-user and per-node permissions for thread privacy, providing the option to 1) do nothing and leave the thread public, 2) restrict to members only, and 3) make private (only admin’s can see).

The add-on was later extended to provide 4) the option to make individual posts private on a per-node and per-usergroup level, but this functionality is not set.

This was a custom add-on I made made for XF 1.4.x, and seemed to work on 1.5.x. I’m unsure if this issue arose then or since then. I know the Xenforo theme doesn’t give support for third party add-ons. I’m hoping for guidance from a troubleshooting / bug fixing / developer point-of-view, as I’m trying to get more hands on and solve this myself. I want to understand why. I spent 6+ hours last night trying to solve this issue and I'm stuck.

This functionality shows up like this when creating a new thread:


It functions correctly.

However, the add-on is supposed to also provide the thread starter the option to edit their thread status: make it members only, private, or remove those restrictions.

This should be showing up either in the Thread Tools drop-down, or (more likely) the Edit Thread > More Options area. I’ve checked the permissions and uaergroups to make sure they are correct, and they are. The New Member usergroup has these two permissions “Not Set” under Usergroup Permissions. Under the node in question, they are set to Yes. Correct behavior should allow them to change the privacy settings.

What I’ve tried so far:
  • Confirmed Thread Views with All Permissions Work Correctly
  • Reviewed Usergroup Permissions
  • Reviewed Node Permissions
  • Confirmed Users can Edit Post Title and Edit Post
  • Usergroup Edit Post Timelimit is 25 minutes in Usergroup Settings, Unlimited in Node Settings
  • Ran Clean Up Permissions
  • Tested with Unmodified Style (to ensure it wasn’t a template edit)
I believe I’ve ruled out the above.

Remaining approaches I’ve tried, but not exhausted:
  • Examined the Template Modifications
  • Examined the Add-On Code. (I’m not a developer, but I learned a lot and it seemed to use the correct controllers.
Template Modifications:

The following code is inserted to thread_fields_status, which I believe is the Thread Settings you see when creating a new thread:

<xen:if is="{$canMakeThreadPublic}">


        <label for="ctrl_public"><input type="checkbox" name="public" class="thread_privacy" value="1" id="ctrl_public" {xen:checked '{$thread.thread_privacy_state} == "public"'} /> {xen:phrase public}</label>

        <p class="hint">{xen:phrase public_threads_can_be_viewed_by_anyone}</p>



<xen:if is="{$canMakeThreadMembersOnly}">


        <label for="ctrl_members_only"><input type="checkbox" name="members_only" class="thread_privacy" value="1" id="ctrl_members_only" {xen:checked '{$thread.thread_privacy_state} == "members_only"'} /> {xen:phrase members_only}</label>

        <p class="hint">{xen:phrase members_only_threads_can_only_be_viewed_by_members}</p>



<xen:if is="{$canMakeThreadPrivate}">


        <label for="ctrl_private"><input type="checkbox" name="private" class="thread_privacy" value="1" id="ctrl_private" {xen:checked '{$thread.thread_privacy_state} == "private"'} /> {xen:phrase private}</label>

        <p class="hint">{xen:phrase private_threads_can_only_be_viewed_by_yourself}</p>




$(".thread_privacy").change(function() {

    $(".thread_privacy").not($(this)).prop('checked', false);



The above variables should apply to the usergroup in question according to node settings.

I've confirmed thread_fields_status is included in thread_edit. I believe thread_edit is the drop-down edit thread functionality in thread tools I believe I've read is admin-only.

post_edit Template Modification:

<xen:if is="{$canMakePostMembersOnly}">


    <label for="ctrl_members_only">

        <input type="checkbox" name="members_only" value="1" id="ctrl_members_only" {xen:checked '{$post.post_privacy_state} == "members_only"'} /> {xen:phrase members_only}


    <input type="hidden" name="watch_thread_state" value="1" />

    <p class="explain">{xen:phrase members_only_post_can_only_be_viewed_by_members}</p>



This is for the code appears and functions #4 above, which allows members to edit posts to make them private. This functionality is disabled per usergroup permissions, but works when tested. I want to extend or fix the functionality of thread_fields_status.

I’ve manually tried adding the template modification from thread_fields_status to the post_edit template, or including_thread_fields_status, but it doesn’t work (even for admins). Would modifying the add-on in debug/dev mod and extended post_edit to include the missing conditions be the way to go? I tried manually adding the template modification with no luck, even for admin permissions.

I'm not a developer so I'm not sure this is the appropriate spot to be looking to, but here is an excerpt from Thread.php in ControllerPublic (in an attempt to verify users do meet the conditional requirements):

class ThreadPrivacy_ControllerPublic_Thread extends XFCP_ThreadPrivacy_ControllerPublic_Thread
    public function actionEdit()
        $response = parent::actionEdit();
        $response->params['canMakeThreadPublic'] = $this->_getForumModel()->canMakeThreadPublicInForum($response->params['forum']);
        $response->params['canMakeThreadMembersOnly'] = $this->_getForumModel()->canMakeThreadMembersOnlyInForum($response->params['forum']);
        $response->params['canMakeThreadPrivate'] = $this->_getForumModel()->canMakeThreadPrivateInForum($response->params['forum']);
        return $response;


    public function canMakeThreadPrivateInForum(array $forum, &$errorPhraseKey = '', array $nodePermissions = null, array $viewingUser = null)
        $this->standardizeViewingUserReferenceForNode($forum['node_id'], $viewingUser, $nodePermissions);
        if (!$viewingUser['user_id'])
            return false;

I believe the uaergroups have the appropriate permissions for {$canMakeThreadMembersOnly} and all the others listed in thread_fields_status, unless these differ from what’s set in node permissions, so it should just be a matter of making sure it’s inserted property. But I’m not sure, and could use some help from people with a better understanding of add-on development and template modifications.

Does this look like a Template Modification implementation issue (suspected) or defining the appropriate conditional variables in the add-on folder?

At a loss here.
Last edited:
Top Bottom