Announcement

Collapse
No announcement yet.

How do I list users allowed to a private forum?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How do I list users allowed to a private forum?

    I imported from UBB 5 where I had private forums with authorised users.

    I assume the import has created access masks in VB for those users allowed to these forums.

    I can't see a way to list all the users who are allowed to access a particular forum - how can I do this?

    Also can you grant access to forum based on usergroup - eg allow all moderators access to a forum rather than each individual user?

  • #2
    Unfortunately, there's no way to see "this user can access forum A but not B" in a direct method. Although I know freddie mentioned something like that too me a couple months ago (that was still after everything was closed, feature-wise though).

    You can of course browse the access masks at Users->Find->[some criteria]->"edit access".

    And yes, you can assign permissions on a usergroup-by-forum basis at Usersgroups & Permissions->modify forums. You'll just want to make sure your moderators are actually in the correct group.

    Comment


    • #3
      OK, but the ability to list who has access to a particular forum is an essential feature that I am surprised is missing.

      The private forum management is slightly lacking in VB in my opinion.

      I happen to know quite a lot about computer security and if VB stores the forum permissions with each user's entry - then the design is wrong.

      Any controlled object should have an access control list associated with it, listing the groups and/or users allowed access together with
      their level of access.

      User specified access level should over-ride group specified access level. Where listed more than once (eg several groups) the highest level should prevail

      But then VB does not allow a user to belong to more than one group - another strange thing which makes ACL management hard.

      Comment


      • #4
        forum permissions are for groups only. there are no defined "levels", each forumpermission set defines what they can and can't do.

        Comment


        • #5
          But still no way to generate a definitive list of the users with access to forum X ??

          Comment


          • #6
            You can look at the forum (usergroup) permissions page and it will show you what usergroups have special permissions for a forum, but that doesn't take access masks into account.

            I happen to know quite a lot about computer security and if VB stores the forum permissions with each user's entry - then the design is wrong.
            It doesn't. (storage wise, they're separate -- can't do a one-to-many relationship otherwise)

            Although there is a user-by-user permission system (access masks), itisn't meant to be used instead of the usergroup system, but with it (or even, in exception to).

            Access masks are primarily meant to allow you give a user different permissions to a specific forum without having to create a separate usergroup for that user. (Well, that was my point when I coded them)

            User specified access level should over-ride group specified access level. Where listed more than once (eg several groups) the highest level should prevail
            That's how it works: access -> forumpermission -> usergroup.

            Comment


            • #7
              OK so you should use groups for access control - but you can't be a member of more than one group at the same time(or can you?).

              So would this mean creating a group for every permutation of access permissions to a number of private forums?

              Comment


              • #8
                OK so you should use groups for access control - but you can't be a member of more than one group at the same time(or can you?).
                No, you can't. And I can't come up with a way to put a user in more than one usergroup as usergroups only exist at one level, so there wouldn't be a way to prioritize.

                So would this mean creating a group for every permutation of access permissions to a number of private forums?
                Yes, but this is generally where access masks are helpful -- use them to create the exceptions to your permissions system. You'll still be creating several usergroups most likely though.

                Comment


                • #9
                  OK, I think you can appreciate this design is not really scalable to a large number of private forums though.

                  Plus you really still need to be able to either

                  (a) list all the users who can get into forum X

                  or

                  (b) list all the forums that user Y has access to

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...
                  X