User Group Best Practices

Will Franco

Active member
For admins, I make the primary user group administrator. This methods prevents the registered user group from interfering with the administrative user group. In this forum, the posts say "All members are in the Registered user group as the primary."

What's the downside to the method I'm using?
 

Will Franco

Active member
That's correct.


To confirm, Administors are not referred to a members.

Administrators have the Administrative user group set to the primary, so the registered user permissions don't interfere with it. A good example of this would be a NEVER permission in the Registered user group.
 

Brogan

XenForo moderator
Staff member
Every registered account is a member.

You can set the permissions up as you wish but I have posted links to how XF has designed the system to be used.
 

Mr Lucky

Well-known member
A good example of this would be a NEVER permission in the Registered user group.
But why have a never permission assigned to the primary registered group. Obviously you can do what you want, but the usergroup system in xenforo works with all users having registered as primary. If you do something else it just makes things complicated.

Not saying you can't do it, but I like things easy.
 

Will Franco

Active member
@Mr Lucky Easy is relative. Our use case is non-standard.

To know the best method, a comparison needs to be made based on the requirements of the forum. For starters, I mark most nodes as private and then grant permission at the node. This makes it very easy for me to understand who can access the node (and reduces the chance of error). In the example below, Registered can't view threads by others. Premium can view threads by others. I don't have to worry about the Admin usergroup because it gets a Yes at all nodes and remains unaffected by changes in the other usergroups.

1647298017073.jpeg

Is it ass backward? Yes. Is there a better way? Probably.

I curious as to how another person would approach the situation (and happy to pay to get that feedback).
 
Last edited:

Will Franco

Active member
Example:

Admin Access to nodes
  • Registered cannot view content NO
  • Premium can view content YES
Method 1: Standard

Admin is in Registered. I need to give Admin a YES also.

Method 2: Alternative

Admin is in Admin. I don't have to worry about cancelling NO's in the Registered usergroup.

In other words, in the standard set up I need to factor in a potential NO in the registered user group. In the alternative approach, the Admin usergroup is isolated. I don't have to worry about any NO's in the registered usergroup.

How would you approach this situation?
 

Brogan

XenForo moderator
Staff member
If administrators have access to the premium nodes then they should be in the premium user group.

Remember that administrators have enhanced permissions for the ACP.

They are not necessarily moderators and shouldn't automatically have all permissions in the forum.
 

Will Franco

Active member
@Brogan

How do I get staff to have only the staff banner, and users to have all banners (stacked)? If I can do that, I can fix the admin usergroup.

1648493814424.jpeg
 

Kirby

Well-known member
For starters, I mark most nodes as private and then grant permission at the node. This makes it very easy for me to understand who can access the node (and reduces the chance of error).

[...]

I curious as to how another person would approach the situation (and happy to pay to get that feedback).
Seems over-complicated to me, less permissions is usually better and less error-prone.

If you usually do not want Registered to view threads by others but allow that for Premium I would configure exactly that in the usergroups, eg.

Registered: View threads by others = No
Premium: View threads by others = Yes

This way you don't have to touch node permissions at all (except for nodes that have different requirements) and it becomes very clear which nodes have special permissions.

If you instead setup permissions for each (top-level) node every node looks like it has special permissions (because it has).
 

Will Franco

Active member
Thanks for the feedback; it's invaluable to see another person's way of doing things.

Right now, I mark EVERYTHING private and do permission at the node-level for the following user groups:
  • Unregistered / Unconfirmed
  • Registered
  • Product A, B, C
  • Premium
  • TAP 1, 2, 3 and/or ALL
Every node corresponds to a user group. A user can either view / not view a node. It's a brain juice drainer but it's the best way I've been able to figure out so far.

Nodes
  • Your Products (user group)
    • Product A (user group)
    • Product B (user group)
    • Product C (user group)
  • Paid Products (user group)
    • Product A (link forum)
    • Product B (link forum)
    • Product C (link forum)
  • Free for All (user group)
  • Premium Area (user group)
  • Premium Content (user group)
  • TAP (user group) ({chort} {date}]
    • Module 1 (user group)
    • Module 2 (user group)
    • Module 3 (user group)
    • Module 4 (user group)
    • Module 5 (user group)
    • Module 6 (user group)
--

Topview: https://community.vrmb.com/

Thoughts?
 
Last edited:

Will Franco

Active member
In the above setup, registered is the base permissions. The additional user groups unlock / lock the corresponding node. For example, Premium user group > Premium Area nodee and Premium Content node.

I'm all ears on a better way of doing things. Not sure if the below makes things simpler?

Registered: View threads by others = No
Premium: View threads by others = Yes

Kinda feels like it would complicate the situation.
 
Top