"Forbid creating entries?" Stops Group Permissions

Found a bug? Tell us!!
Post Reply
jonathanve
Regular
Posts: 10
Joined: Sat Oct 01, 2005 3:58 am

"Forbid creating entries?" Stops Group Permissions

Post by jonathanve »

Hi all,

I've been trying to create a user that only has permissions to set their own personal settings, but nothing else. So I created a user group named "Guest" with only the "personalConfiguration" permission set. However, I find that I must also set the "Forbid creating entries?" of each user to "no", otherwise this permission does not take effect.

Here's the code that I believe is the problem in include/functions_config.inc.php for serendipity_checkPermission():

Code: Select all

    if ($authorid == $serendipity['authorid'] && $serendipity['no_create']) {
        // This no_create user privilege overrides other permissions.
        return false;
    }
The result is that when a user logs in, they can do absolutely nothing. The problem with setting "Forbid creating entries?" to "yes" is that then the "New Entry" and "Add Media" options appear for the Login sidebar plugin. Of course, I could edit the login plugin to fix this, but I wonder if the extra condition in the above code is really necessary? If we should have an overriding permission option, maybe it should be some other option?

Thanks for any feedback and for an excellent product!

Jonathan
Top
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:
Contact garvinhicking

Re: "Forbid creating entries?" Stops Group Permiss

Post by garvinhicking »

Hm, I'm not sure if I understand properly.

Actually you should not enabled the "Forbid creating entries" permission, as this is only used for backwards compatibility. Instead use the group permission system to create a usergroup that may not create entries/images?

Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Top
jonathanve
Regular
Posts: 10
Joined: Sat Oct 01, 2005 3:58 am

Post by jonathanve »

OK, that makes sense. So the real bug is with the Login Form plugin. Line 55 needs to be changed to use the new group permissions:

plugins/serendipity_plugin_loginform/serendipity_plugin_loginform.php
if (!$serendipity['no_create']) { // <-- This line here.
echo '<a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new">' . NEW_ENTRY . '</a><br/>';
echo '<a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=media&serendipity[adminAction]=addSelect">' . ADD_MEDIA . '</a>';

}
I'm not familar with how to use the new group permissions, so I'm not sure what that should be.

Anyway, thanks for the feedback!
Top
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:
Contact garvinhicking

Post by garvinhicking »

Yes, you are right on this, such plugins need some modification!

I just committed version 1.04 of the plugin so that the new permission checks are applied.

Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Top
jonathanve
Regular
Posts: 10
Joined: Sat Oct 01, 2005 3:58 am

Post by jonathanve »

Excellent!! Thank you very much!

Jonathan
Top
Post Reply

Return to “Bugs”