(wikification. repetition. inclusive = additive.) |
(user -> member) |
||
| Line 1: | Line 1: | ||
SMF normally uses an "inclusive" permissions system. In other words, permissions are normally "additive". Normally | SMF normally uses an "inclusive" permissions system. In other words, permissions are normally "additive". Normally, a member has '''all''' permissions granted by '''any''' membergroup that a member belongs to. If any membergroup that a member belongs to has a permission '''allowed''', then that member will be allowed that permission, regardless of any group that is set to '''disallow'''. | ||
example: | example: | ||
*Group 1 has '''allow''' set for post new topics, without requiring approval | *Group 1 has '''allow''' set for post new topics, without requiring approval | ||
*Group 2 has '''disallow''' set for that same option. | *Group 2 has '''disallow''' set for that same option. | ||
*--- If a | *--- If a member belongs to both Group 1 and Group 2, then the member is '''allowed''' to post new topics, without requiring approval. | ||
"Deny" changes everything. '''Deny''' is an "exclusive" permission. If any membergroup that a | "Deny" changes everything. '''Deny''' is an "exclusive" permission. If any membergroup that a member belongs to has a permission '''denied''', then that member will be denied that permission, regardless of any group that is set to '''allow'''. | ||
example: | example: | ||
* Group 1 has '''allow''' set for post new topics, without requiring approval | * Group 1 has '''allow''' set for post new topics, without requiring approval | ||
* Group 2 has '''deny''' set for that same option. | * Group 2 has '''deny''' set for that same option. | ||
* --- If a | * --- If a member belongs to both Group 1 and Group 2, then the member is '''denied''' the right to post new topics, without requiring approval. | ||
Many administrators will use the '''deny''' setting in a post count based group to prevent new | Many administrators will use the '''deny''' setting in a post count based group to prevent new members from making changes to their profiles, or from making posts without approval. | ||
Note: This can become complicated to track when a '''deny''' permission is set in more than one group, and | Note: This can become complicated to track when a '''deny''' permission is set in more than one group, and members belong to more than one of those groups. Be careful and frugal with the use of the '''deny''' permission setting. They are easy to lose track of. | ||
[[Category:FAQ]][[Category:BFG]] | [[Category:FAQ]][[Category:BFG]] | ||
Revision as of 16:25, 10 January 2014
SMF normally uses an "inclusive" permissions system. In other words, permissions are normally "additive". Normally, a member has all permissions granted by any membergroup that a member belongs to. If any membergroup that a member belongs to has a permission allowed, then that member will be allowed that permission, regardless of any group that is set to disallow.
example:
- Group 1 has allow set for post new topics, without requiring approval
- Group 2 has disallow set for that same option.
- --- If a member belongs to both Group 1 and Group 2, then the member is allowed to post new topics, without requiring approval.
"Deny" changes everything. Deny is an "exclusive" permission. If any membergroup that a member belongs to has a permission denied, then that member will be denied that permission, regardless of any group that is set to allow.
example:
- Group 1 has allow set for post new topics, without requiring approval
- Group 2 has deny set for that same option.
- --- If a member belongs to both Group 1 and Group 2, then the member is denied the right to post new topics, without requiring approval.
Many administrators will use the deny setting in a post count based group to prevent new members from making changes to their profiles, or from making posts without approval.
Note: This can become complicated to track when a deny permission is set in more than one group, and members belong to more than one of those groups. Be careful and frugal with the use of the deny permission setting. They are easy to lose track of.
