• This forum has been archived. New threads and replies may not be made. All add-ons/resources that are active should be migrated to the Resource Manager. See this thread for more information.

Understanding Permissions

Is there a way to make the forum visable to unregistered users, but if they want to access the forums they have to register?
 
Anthony Parsons said:
Yer... I found that the permissions for it don't exist with xenforo. I do hope they may in the near future to assist at the admin level for overall control of content.
Click to expand...

Brogan said:
I'm fairly sure that has been suggested, I'll see if I can find the thread.
Click to expand...

I don't think (unless I missed it) that anyone posted the link for that thread, so here it is...

http://xenforo.com/community/threads/suggestion-permission-system-view-own-threads-only.2820/
 
I partially have the permissions system figured out. But, here is where I'm stumbling. I think I have talked my way through it, but wanted to see if there's a better way.

I have a standard forum category where all registered users can read, post, etc. I want to set up an Off-Topic forum that only "Gold" members can visit. The Gold member level only adds a few minor items like the ability to change user title, upload attachments, and increased post edit time. For this Gold usergroup, I have set all permissions to Inherit, and only enabled those that add or enhance certain features.

For the Off-Topic forum node, I have revoked premissions for the Unregistered/Unconfirmed and Registered groups, but left all other usergroups set to inherit. Since the Gold members have their primary group as Registered, though, I believe this is why they are still not seeing the Off-Topic node.

Am I going to have to make the Gold usergroup a mirror of the Registered usergroup and add my Gold-group enhancements to it? To me, that seems to be the only way to do it. And at that point, does it matter if the Gold group is a primary or secondary group? Permissions for Gold are strictly additive in nature.
 
Rudy said:
I partially have the permissions system figured out. But, here is where I'm stumbling. I think I have talked my way through it, but wanted to see if there's a better way.

I have a standard forum category where all registered users can read, post, etc. I want to set up an Off-Topic forum that only "Gold" members can visit. The Gold member level only adds a few minor items like the ability to change user title, upload attachments, and increased post edit time. For this Gold usergroup, I have set all permissions to Inherit, and only enabled those that add or enhance certain features.

For the Off-Topic forum node, I have revoked premissions for the Unregistered/Unconfirmed and Registered groups, but left all other usergroups set to inherit. Since the Gold members have their primary group as Registered, though, I believe this is why they are still not seeing the Off-Topic node.

Am I going to have to make the Gold usergroup a mirror of the Registered usergroup and add my Gold-group enhancements to it? To me, that seems to be the only way to do it. And at that point, does it matter if the Gold group is a primary or secondary group? Permissions for Gold are strictly additive in nature.
Click to expand...
Bold part: That should work. Revoke the Registered User groups permissions, followed with an explicit Allow for the Gold Members Additional user group. As long as there is not an explicit Deny which would mess up the permissions because the Allow would not override that.
 
Rudy said:
Am I going to have to make the Gold usergroup a mirror of the Registered usergroup and add my Gold-group enhancements to it? To me, that seems to be the only way to do it. And at that point, does it matter if the Gold group is a primary or secondary group? Permissions for Gold are strictly additive in nature.
Click to expand...

Revoke can only be overridden by an explicit Allow. So yes, you will need a full set of explicit Allows for the Gold group. Primary / Secondary makes no difference. You might also consider using the Private Node feature which makes private forum permissions a little cleaner in that you only have to specify Allowed groups:

Admin CP -> Applications -> Node Permissions -> [select a forum] -> Private node
 
The Private Node feature is awesome. Much cleaner solution for non-standard forum permissions.
 
Can permissions be set on a user basis ?
ie. can I set a forum to be viewable for all admins + 1 regular user (who isn't an admin) ?
 
Jake Bunce said:
Revoke can only be overridden by an explicit Allow. So yes, you will need a full set of explicit Allows for the Gold group. Primary / Secondary makes no difference. You might also consider using the Private Node feature which makes private forum permissions a little cleaner in that you only have to specify Allowed groups:

Admin CP -> Applications -> Node Permissions -> [select a forum] -> Private node
Click to expand...

Thanks Jake--that makes more sense now, and seems like it would be less work.

I'm glad I set up a test forum for the time being, so I can adjust these permissions without causing a deluge of support emails. ;)
 
Actually, I'm just confusing myself now. I know where the checkbox is, but...what do I do next? Or in other words, where do I specify which groups are allowed to view the private forum? I can click on each individual usergroup below the checkbox and adjust permissions that way, but that doesn't seem right, as it seems like I would be assigning permissions for each group.

Edit: it seems that all I have to do is click "Allow" on View Node in each desired group, to make a private node appear. To be sure, I copied the URL to the private forum before adding the Allow permission, and got an access error; adding the Allow permission gave me my expected privileges.

It's nice and simple now that I have verified how it works, but still a bit counter-intuitive to what I was expecting. I guess my several years of being a vB admin makes it hard to unlearn everything I've picked up over the years.
 
Rudy said:
Am I going to have to make the Gold usergroup a mirror of the Registered usergroup and add my Gold-group enhancements to it? To me, that seems to be the only way to do it. And at that point, does it matter if the Gold group is a primary or secondary group? Permissions for Gold are strictly additive in nature.
Click to expand...
I can't easily find a way to "clone/mirror" user groups without manually setting all the default/allow/deny's myself... Any tips on this process?
 
There is currently no way to clone the settings of a usergroup to a new usergroup.

Bear in mind however that permissions are cumulative so if this is a secondary usergroup, you can leave everything which is already allowed in another group set to Default.
You only have to set to Allow any additional permissions.
 
Brogan said:
Bear in mind however that permissions are cumulative so if this is a secondary usergroup, you can leave everything which is already allowed in another group set to Default. You only have to set to Allow any additional permissions.
Click to expand...
Can you link me to a "how-to" on where this secondary usergroup setup is? I only see the 4 default (Admin/Moderating/Registered/Unreg) groups...
 
Any usergroup can be set as a primary or secondary.

Just create a new usergroup and set it as a secondary, complimenting the permissions of the primary.

usergroups.webp
 
Somewhat off track here, but is anyone working on a full set of "official" documentation for XF? I'd volunteer some time (as I have experience in writing, and technical writing), but I have a full class load this semester and can't commit a lot of time to it. Even a Wiki format might work, although I would restrict adds/edits only to approved staff (not open to the entire world, IOW).
 
I just found a neat way to use permissions!

About a half hour ago (yes, it's 6am here and I haven't been to sleep yet), I finally finished our conversion and put the new XF forum online. Due to the need for members to reset passwords, I wanted to put a notice up so visitors could see a specific forum area, and yet keep it out of the view of logged in users. As our entire forum is currently viewable only to registered users, I did not want to put our "Forum Business" section out in the public.

What I did was create a new forum node in the root, made it private, then granted view-only permission to guest (unconfirmed/unregistered) users, and full permissions to staff. When a visitor hits the forum, they see only the Help Desk forum, while registered users, logged in, never see it! For staff, I put a display order of 100000 on it so that it would bump all the way to the bottom of the node tree. I realize I also could have done this as a page, but we can use this for other important notices for non-registered users.

Very nice! I had it going in only a few mouse clicks.

VB probably would have needed a half hour, several ibuprofen and a bottle of Coke Zero before I'd have fully gotten it set up. :D
 
Rudy said:
What I did was create a new forum node in the root, made it private, then granted view-only permission to guest (unconfirmed/unregistered) users, and full permissions to staff. When a visitor hits the forum, they see only the Help Desk forum, while registered users, logged in, never see it!
Click to expand...
Hehe, that was one of the first things I did but for a Page so it acts as a welcome message which isn't visible when logged in :D
 
You must log in or register to reply here.

Similar threads

Steve Freides
Understanding User State other than Valid
Replies
4
Views
173
Neilski
N
CStrategies
XF 2.2 Help understanding xf_session and xf_session_activity
Replies
1
Views
195
CStrategies
CStrategies
D
  • Question Question
XF 2.1 Permissions understanding
Replies
13
Views
649
Mr Lucky
Mr Lucky
Ozzy47
XF 2.3 Collapse Permissions
Replies
2
Views
172
Jeremy P
Jeremy P
C
  • Question Question
XF 2.2 Node permissions
Replies
3
Views
441
Stuart Wright
Stuart Wright
Top Bottom