SMF2.0:Permissions

From Online Manual

Jump to: navigation, search

Please see SMF1.1:Permissions or SMF2.0:Permissions depending on the version of SMF you are using.

In this section, five tabbed pages are available: General Permissions, Board Permissions, Edit Profiles, Post Moderation, Settings

General Permissions

This page shows a list of all membergroups, along with a few statistics. On the right of each membergroup is a checkbox and a modify link. The checkbox allows the administrator to apply the advanced options to make quick and easy changes to the membergroup permission profiles. The modify link allows the administrator to customize each permission for the usergroup.

Modify

Use the Modify link to the right of the membergroup name to set one or more permissions for the members of this group. Please see List of Permissions for more information on all the permissions, and Moderator for more information on how moderator membergroup works.

Advanced Options

These options allow you to quickly make changes to membergroups. To use them, first select one or more membergroups above by checking the box on the same line with the membergroup name. Then choose to do one of the things listed in the With selection box. When you have completed your selections, use the Set permissions button to make the changes.

For every membergroup selected above:

  • Apply pre-defined permission set: Select one of the profile types from the option list to reset permission profiles to one of these four choices.
  • Set permissions like this group: Select the name of one of the membergroups from the option list to reset permission profiles to match the membergroup you select here.
  • Add/Clear/Deny permission Select Add permission, Clear Permission or Deny Permission from the option list, then select a permission from the (Select a permission) option list. Deny is only present if Enable the option to deny permissions is checked in the settings tab.

List of Permissions

General

  • View forum statistics - The collected statistics of an SMF forum that can be found in the Info Center
  • View the memberlist - A list of all registered members of an SMF forum. It can be found in the Info Center
  • View Who's Online - A summary of who's on an SMF forum, and it can be found in the Info Center
  • Search for posts and topics - Allows users to search the forums using keywords and phrases. Can be found in the navigation bar.
  • Change other people's karma - Allows users to edit the karma of other users. This displays as +X/-X or +X beside the posts of members, where X is the member's karma totals.

Calendar

  • View the calendar - Determines whether a user can view the calendar of an SMF forum. It can be found in the navigation bar.
  • Create events in the calendar - Determines whether a user can create new events in the calendar.
  • Edit events in the calendar - Determines whether a user can edit events in the calendar.

Forum Administration

  • Administrate forum and database - Determines whether a user can change database connection properties, edit server settings, and perform other administrative functions.
  • Manage boards and categories - Determines whether users can create, modify, and/or delete boards and categories.
  • Manage attachments and avatars - Determines whether users can manage and delete attachments on the forum.
  • Manage smileys - Determines whether a user can change smiley sets, delete smileys, and change smiley options.
  • Edit news - Determines whether a user can edit the forum's news.
  • Access the moderation center - Determines whether a user can see the Moderation center'.

Member administration

  • Moderate forum members - Determines whether a user can register users manually, track IP addresses, online status, etc.
  • Manage and assign membergroups - Determines whether users can create, manage, or delete membergroups.
  • Manage permissions - Determines whether users can manage member permissions.
  • Manage ban list - Determines whether a user can ban other members and/or discontinue bans.
  • Send a forum email to members - Determines whether a user can send an e-mail in bulk to all members or individual membergroups; this keeps the users from having to reveal their own e-mail addresses.
  • Issue warnings to members - Determines whether a user can send warnings to other members of the forum.

Personal Messaging

  • Read personal messages - Determines whether a user can view personal messages sent to him or her.
  • Send personal messages - Determines whether a user can send personal messages to other members.

Member Profiles

  • View profile summary and stats - Determines whether a user can view profile summaries and member stats.
  • Edit account settings - Determines whether a user can edit their own account's settings as well as the account settings of all members.
  • Edit additional profile settings - Determines whether users can edit individual forum preferences such as their avatar, theme preferences, notifications and Personal Message settings. If this is not checked, the user will be forced to use the default settings
  • Edit custom title - Determines whether users can edit their custom titles.
  • Delete account - Determines whether a member can delete their account or other members' accounts.
  • Select an avatar from the server - Determines whether a user can select an avatar from the avatars uploaded on the forum.
  • Upload an avatar to the server - Determines whether a user can upload their personal avatar to the server.
  • Choose a remotely stored avatar - Determines if a user can use an avatar from another server or site.

The board permissions are different from the other four categories of permissions. This is because any forum may have several boards, and membergroups may have different permissions on different boards. Each Board Permission Profile is a list of the entire set of Board Permissions for each membergroup. The board permissions can be accessed from this page, and for each board via the Permissions by Board tab (see below).

Board Permissions

Topics

The six topic approval permissions are only visible if the core feature Post Moderation has been enabled.

  • Post new topics, without requiring approval - Determines whether users in this membergroup can post new topics without moderator or administrator approval.
  • Post new topics, but hide until approved - Determines whether users in this member group can post new topics which are visible to moderators with the necessary permissions or administrators, but not other users.
  • Post replies to topics, but hide until approved - Determines whether users in this membergroup can post replies which are visible to moderators with the necessary permissions or administrators, but not other users.
  • Post replies to topics, without requiring approval - Determines whether users in this membergroup can post replies without moderator or administrator approval.
  • Post attachments, but hide until approved - Determines whether users in this membergroup can post attachments which are visible to moderators with the necessary permissions or administrators, but not other users.
  • Post attachments, without requiring approval - Determines whether users in this membergroup can post attachments without moderator or administrator approval.
  • Post new topics - Determines whether users in this membergroup can post new topics.
  • Merge any topic - Determines whether users in this membergroup can merge topics.
  • Split any topic - Determines whether users in this membergroup can split topics.
  • Send topics to friends - Determines whether users in this membergroup can send topics to their friends via email.
  • Make topics sticky - Determines whether users in this membergroup can make some topics sticky topics.
  • Move topic - Determines whether users in this membergroup can move their own topics, all topics, or no topics at all.
  • Lock topics - Determines whether users in this membergroup can lock their own topics, all topics, or no topics at all.
  • Remove topics - Determines whether users in this membergroup can remove their own topics, all topics, or no topics at all.
  • Post replies to topics - Determines whether users in this membergroup can Post replies to their own topics, all topics, or no topics at all.
  • Modify replies to own topics - Determines whether users in this membergroup can modify replies to their own topics.
  • Delete replies to own topics - Determines whether users in this membergroup can delete replies to their own topics.
  • Announce topic - Determines whether users in this membergroup can announce (send topic by email or private message) their topics.

Posts

  • Delete posts - Determines whether users in this membergroup can delete their own posts, all posts, or no posts at all.
  • Modify posts - Determines whether users in this membergroup can modify their own posts, all posts, or no posts at all.
  • Report posts to the moderators - Determines whether users in this membergroup will be able to report posts to the forum moderators that receive forum notifications.

General

  • Moderate board - Determines whether users in this membergroup can moderate the boards they have access to. With this permission users can reply to locked topics, change poll expiration time and view poll results.
  • Approve items awaiting moderation - Determines whether users in this membergroup can approve topics, posts, or attachments which need to be approved. Post moderation must be enabled in Core Features for this to be displayed

Polls

  • View polls - Determines whether users in this membergroup will be able to view polls.
  • Vote in polls - Determines whether users in this membergroup will be able to vote in polls they can see.
  • Post Polls - Determines whether users in this membergroup will be able to make their own polls.
  • Add poll to topics - Determines whether users in this membergroup are allowed to add polls to existing topics. The forum admins can choose whether they must have posted the topic, or if they can add it to any Topic they can see.
  • Edit polls - Determines whether users in this membergroup can edit their polls, any polls, or no polls at all. This permission allows a user to edit the polls options, reset the poll, edit the maximum number of votes, and edit the expiration time of the poll. In order to edit the maximum number of votes and the expiration time a user needs to have the 'Moderate board' permission.
  • Lock polls - Determines whether users in this membergroup can lock their own polls, any polls, or no polls at all.
  • Remove polls - Determines whether users in this membergroup can remove their own polls, any polls, or no polls at all.

Notifications

  • Request notification on replies - Determines whether users in this membergroup will be able to request notification on replies to topics they select.
  • Request notification on new topics - Determines whether users in this membergroup will be able to request notification when new topics get posted in a board.

Attachments

  • View Attachments - Determines whether users in this membergroup can view attachments.
  • Post Attachments - Determines whether users in this membergroup can post attachments on topics.

Board Permissions

On this page, every board is listed with its corresponding permission profile.

  • Selecting the board name will bring you to the board's Modify Boards page in Admin > Forum > Boards.
  • Selecting the name of the permission profile on the same line will bring you to the Edit Profiles page for this profile.
  • Selecting [Edit All] will allow you to choose a new permission profile from drop-down lists for one or several different boards at once -- click on the "Save" button when you are done.

A more detailed section on this can be found at Board Permissions

Edit Profiles

This page provides ways to create new permission profiles and edit, delete, or rename existing profiles.

Edit Profiles

All the existing permission profiles are listed along with the number of boards using each profile. To modify any existing profile, click on its name. You will then be taken to a page that lists the membergroups and the permissions they have been assigned in relation to this particular permission profile. To change the permissions of a membergroup within this permission profile, click on "Modify" next to the name of the membergroup.

New Profile

  • Profile Name - In this box you can define the name of the new permission profile.
  • Copy Permissions From - By selecting one of the existing profiles from this dropdown box, the permissions from this profile will be used for the newly created one.

Rename

You can rename permission profiles that you have created, but the four default permission profiles (Default, No Polls, Reply Only, and Read Only) cannot be renamed. When the Rename button is clicked, all the profiles you have created can be renamed, as long as they are not currently assigned to a board. After renaming a profile, make sure that you click on the Save Changes button.

Remove Selected

You can delete any permission profile that you have created. The four default permission profiles (Default, No Polls, Reply Only, and Read Only) cannot be removed. Select the checkbox on the same line as the profile you wish to remove, and then click the Remove Selected button. Note that you can only delete a permission profile if it is not currently assigned to a board.

Post Moderation

Post moderation must be enabled in Core Features for this page to be visible.

In this section admins can define the actions that require Post Moderation for each permission profile. This is a shortcut way of changing some of the permissions in the board permission profiles.

The administrator must first select a profile from the option list and select the go button. For each listed profile, there are four user actions for which post moderation permissions can be set. Each one corresponds to board permissions in the corresponding profile. For each of these user actions, three post moderation options are available.

  • Post moderation allow.gif - Can Create. The members can perform the action without moderation.
  • Post moderation moderate.gif - Can Create but Requires Approval. The members can perform the action, but approval is required before becoming visible to all other members.
  • Post moderation deny.gif - Cannot Create. The member cannot perform the action.
User Action Post moderation allow.gif Post moderation moderate.gif Post moderation deny.gif
New Topics Post new topics, without requiring approval Post new topics, but hide until approved (neither allowed)
Own Replies Post replies to topics, without requiring approval, own topic Post replies to topics, but hide until approved, own topic (neither allowed)
Any Replies Post replies to topics, without requiring approval, any topic Post replies to topics, but hide until approved, any topic (neither allowed)
Attachments Post attachments, without requiring approval Post attachments, but hide until approved (neither allowed)

Post moderation cannot be used to set deny permissions even if deny is enabled. The 'cannot create' option in post moderation is only ever disallow.

Settings

  • Membergroups allowed to manage permissions - Administrators can select which membergroups are allowed to manage permissions.
  • Enable the option to deny permissions - Once enabled along with granting permissions it will be possible also to deny any permission. Denied permissions are not allowed even if the member belong to another membergroup for which the permission is granted.
  • Enable permissions for post count based groups - Determines whether or not membergroups based on post count can be used to manage permissions.

About Permissions

Options

SMF's permissions are so powerful because they can be set for each individual permission to three options rather than just on or off.

  • A - This option gives user current permission
  • X - This option does not give the user current permission
  • D - This option denies the user current permission

Things get really interesting when a user belongs to 2 or more membergroups with different options (A, X or D) for the same permission.

Member belongs to 2 membergroups

In this example a member belongs to only 2 different membergroups with different options for some permissions:

permissions option from group A option from group B Result for permission explanation
permission 1 A A allowed obviously
permission 2 A X allowed A wins X
permission 3 A D not allowed D wins A
permission 4 X X not allowed obvious too
permission 2 X D not allowed D wins X
permission 3 D D not allowed is this obvious or what?

In short: D wins A which wins X

Member belongs to 3 or more membergroups

  • If you want a permission to be allowed, then you must have option A in at least one group and no D.
  • If you want a permission to be disallowed, then you must have all options X, or
  • If you want a permission to be disallowed, you must have option D in at least one group. It does not matter if other options are A or X.

You should not use D too much. Its a good idea to use special private membergroups just to Deny some permissions. If you don't want some members to use e.g. private messages, you can set up a private membergroup with a descriptive name like "no-pm" and for that membergroup, set the permissions for pm to D. Every member of that group is not allowed pm's regardless of the other groups they belong. If you change your mind about that setting you can find easily which membergroup restricts PMs and reset it.

Main

Configuration

Forum

Members

Maintenance

Miscellaneous