Serendipity Forums

User and developer community
https://board.s9y.org/

"Forbid creating entries?" Stops Group Permissions

https://board.s9y.org/viewtopic.php?t=2947

Page 1 of 1

"Forbid creating entries?" Stops Group Permissions

Posted: Sat Oct 01, 2005 4:07 am
by jonathanve
Hi all,

I've been trying to create a user that only has permissions to set their own personal settings, but nothing else. So I created a user group named "Guest" with only the "personalConfiguration" permission set. However, I find that I must also set the "Forbid creating entries?" of each user to "no", otherwise this permission does not take effect.

Here's the code that I believe is the problem in include/functions_config.inc.php for serendipity_checkPermission():

Code: Select all

    if ($authorid == $serendipity['authorid'] && $serendipity['no_create']) {
        // This no_create user privilege overrides other permissions.
        return false;
    }
The result is that when a user logs in, they can do absolutely nothing. The problem with setting "Forbid creating entries?" to "yes" is that then the "New Entry" and "Add Media" options appear for the Login sidebar plugin. Of course, I could edit the login plugin to fix this, but I wonder if the extra condition in the above code is really necessary? If we should have an overriding permission option, maybe it should be some other option?

Thanks for any feedback and for an excellent product!

Jonathan

Re: "Forbid creating entries?" Stops Group Permiss

Posted: Tue Oct 04, 2005 5:17 pm
by garvinhicking
Hm, I'm not sure if I understand properly.

Actually you should not enabled the "Forbid creating entries" permission, as this is only used for backwards compatibility. Instead use the group permission system to create a usergroup that may not create entries/images?

Best regards,
Garvin

Posted: Wed Oct 05, 2005 6:46 am
by jonathanve
OK, that makes sense. So the real bug is with the Login Form plugin. Line 55 needs to be changed to use the new group permissions:

plugins/serendipity_plugin_loginform/serendipity_plugin_loginform.php
if (!$serendipity['no_create']) { // <-- This line here.
echo '<a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new">' . NEW_ENTRY . '</a><br/>';
echo '<a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=media&serendipity[adminAction]=addSelect">' . ADD_MEDIA . '</a>';

}
I'm not familar with how to use the new group permissions, so I'm not sure what that should be.

Anyway, thanks for the feedback!

Posted: Wed Oct 05, 2005 2:26 pm
by garvinhicking
Yes, you are right on this, such plugins need some modification!

I just committed version 1.04 of the plugin so that the new permission checks are applied.

Best regards,
Garvin

Posted: Thu Oct 06, 2005 5:36 am
by jonathanve
Excellent!! Thank you very much!

Jonathan
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited