Permission profiles: Difference between revisions From Online Manual

Jump to: navigation, search
No edit summary
No edit summary
Line 26: Line 26:


Further information about permission profile(s) can be found at [[Board Permissions]]
Further information about permission profile(s) can be found at [[Board Permissions]]
==About Permissions==
===Options===
SMF's permissions are so powerful because they can be set for each individual permission to three options rather than just on or off.
*'''A''' - This option gives user current permission
*'''X''' - This option does not give the user current permission
*'''D''' - This option denies the user current permission
Things get really interesting when a user belongs to 2 or more membergroups with different options (A, X or D) for the same permission.
===Member belongs to 2 membergroups===
In this example a member belongs to '''only''' 2 different membergroups with different options for some permissions:
{| border="1" style="text-align:center"
!permissions!! option from group A !! option from group B !! Result for permission !! explanation
|-
! permission 1
| A || A || allowed || obviously
|-
! permission 2
| A || X || allowed || A wins X
|-
! permission 3
| A || D || not allowed || D wins A
|-
! permission 4
| X || X || not allowed || obvious too
|-
! permission 2
| X || D || not allowed || D wins X
|-
! permission 3
| D || D || not allowed || is this obvious or what?
|}
In short: D wins A which wins X
===Member belongs to 3 or more membergroups===
*If you want a permission to be allowed, then you must have option A in at least one group and no D.
*If you want a permission to be disallowed, then you must have all options X, or
*If you want a permission to be disallowed, you must have option D in at least one group. It does not matter if other options are A or X.
You should not use D too much. Its a good idea to use special private membergroups  just to Deny some permissions. If you don't want some members to use e.g. private messages, you can set up a private membergroup with a descriptive name like "no-pm" and for that membergroup, set the permissions for pm to D. Every member of that group is not allowed pm's regardless of the other groups they belong. If you change your mind about that setting you can find easily which membergroup restricts pm's and reset it.


[[Category:As_an_administrator]]
[[Category:As_an_administrator]]
[[Category:Permissions]]
[[Category:Permissions]]

Revision as of 21:12, 2 July 2013

Permission Profiles

The Permission Profile page of the Permissions section of the Administration Panel is used to configure permission profiles for your forum.


Why should I use a permission profile?

A Permission profile is useful in cases where you want to limit a user group from having a certain permission in a certain board or boards. A permission profile can also be used to limit a specific user in the same way given that the user is added to a new group that takes advantage of the change in the profile.


What is a permission profile?

A Permission profile is essentially a "Profile" of permissions configurations for your membergroups. Permission profiles only contain board related permissions, You can assign whatever permission profile you want to each of your boards. A board that opts to use a certain profile will have membergroups obtain the permissions that the profile grants for each group to have. A default "global" permission profile is assigned to boards that do not have their own custom permission profile assigned to it.


The Permission Profile Entrance Page

As you enter the Permission Profiles page you will see two tables.

The table at the top list the names of all of the permission profiles that already exist on your forum. To edit the permissions for a profile, simply select the name of the profile you wish to edit. You will also see a Delete checkbox next to permission profiles that you added yourself (not built in) that you can select to delete the profile as long as it is not used by a board currently.

The table below that is used to create a new permission profile. You can input the name you want to give the permission profile in the Profile Name field. Below that you can copy the membergroup permissions configuration from another profile by selecting a profile in the selection box labeled Copy Permissions From. If you leave the selection at Default, the profile will start off with the same permissions that are used for your global board permissions.

Editing Permission Profile Permissions

Upon naming the permission profile you will be taken to a page that looks just like the default page you are taken to when you go to the Permissions section of your Administration Panel. However you are editing permissions for a completely different profile when you are taken to this page. On the top of this page it will tell you which profile you are editing. That is, unless you select the Default built in profile, which would allow you to edit the same "global" permissions from the default permissions page, except it would be only for board specific permissions.

How do I use a Permission Profile?

Once you have created your profile, modify the board you want to apply the profile to and select the profile from the Permission Profile drop down.

Further information about permission profile(s) can be found at Board Permissions

About Permissions

Options

SMF's permissions are so powerful because they can be set for each individual permission to three options rather than just on or off.

  • A - This option gives user current permission
  • X - This option does not give the user current permission
  • D - This option denies the user current permission

Things get really interesting when a user belongs to 2 or more membergroups with different options (A, X or D) for the same permission.

Member belongs to 2 membergroups

In this example a member belongs to only 2 different membergroups with different options for some permissions:

permissions option from group A option from group B Result for permission explanation
permission 1 A A allowed obviously
permission 2 A X allowed A wins X
permission 3 A D not allowed D wins A
permission 4 X X not allowed obvious too
permission 2 X D not allowed D wins X
permission 3 D D not allowed is this obvious or what?

In short: D wins A which wins X

Member belongs to 3 or more membergroups

  • If you want a permission to be allowed, then you must have option A in at least one group and no D.
  • If you want a permission to be disallowed, then you must have all options X, or
  • If you want a permission to be disallowed, you must have option D in at least one group. It does not matter if other options are A or X.

You should not use D too much. Its a good idea to use special private membergroups just to Deny some permissions. If you don't want some members to use e.g. private messages, you can set up a private membergroup with a descriptive name like "no-pm" and for that membergroup, set the permissions for pm to D. Every member of that group is not allowed pm's regardless of the other groups they belong. If you change your mind about that setting you can find easily which membergroup restricts pm's and reset it.



Advertisement: