mNo edit summary |
|||
| Line 1: | Line 1: | ||
SMF normally uses an "inclusive" permissions system. What | SMF normally uses an "inclusive" permissions system. What this generally means is that any user has '''all''' permissions granted by '''any''' group that a user belongs to. If any membergroup that a user belongs to has a permission '''allowed''', then that user will be allowed that permission, regardless of any group that is set to '''disallow'''. | ||
example:<br> | example:<br> | ||
Group 1 has | Group 1 has '''allow''' set for post new topics, without requiring approval<br> | ||
Group 2 has | Group 2 has '''disallow''' set for that same option.<br> | ||
--- If a user belongs to both Group 1 and Group 2, then the user is | --- If a user belongs to both Group 1 and Group 2, then the user is '''allowed''' to post new topics, without requiring approval. | ||
The addition of the | The addition of the '''deny''' option changes this. '''Deny''' is an "exclusive" permission. If any membergroup that a user belongs to has a permission '''denied''', then that user will be denied that permission, regardless of any group that is set to '''allow'''. | ||
example:<br> | example:<br> | ||
Group 1 has | Group 1 has '''allow''' set for post new topics, without requiring approval<br> | ||
Group 2 has | Group 2 has '''deny''' set for that same option.<br> | ||
--- If a user belongs to both Group 1 and Group 2, then the user is | --- If a user belongs to both Group 1 and Group 2, then the user is '''denied''' the right to post new topics, without requiring approval. | ||
Many | Many administrators will use the '''deny''' setting in a post count based group to prevent new users (also known as potential spammers) from making changes to their profiles, or from making posts without approval. | ||
Note: This can become complicated to track when a | Note: This can become complicated to track when a '''deny''' permission is set in more than one group, and users belong to more than one of those groups. Be careful and frugal with the use of the '''deny''' permission setting. | ||
[[Category:FAQ]] | [[Category:FAQ]] | ||
Revision as of 21:08, 23 July 2013
SMF normally uses an "inclusive" permissions system. What this generally means is that any user has all permissions granted by any group that a user belongs to. If any membergroup that a user belongs to has a permission allowed, then that user will be allowed that permission, regardless of any group that is set to disallow.
example:
Group 1 has allow set for post new topics, without requiring approval
Group 2 has disallow set for that same option.
--- If a user belongs to both Group 1 and Group 2, then the user is allowed to post new topics, without requiring approval.
The addition of the deny option changes this. Deny is an "exclusive" permission. If any membergroup that a user belongs to has a permission denied, then that user will be denied that permission, regardless of any group that is set to allow.
example:
Group 1 has allow set for post new topics, without requiring approval
Group 2 has deny set for that same option.
--- If a user belongs to both Group 1 and Group 2, then the user is denied the right to post new topics, without requiring approval.
Many administrators will use the deny setting in a post count based group to prevent new users (also known as potential spammers) from making changes to their profiles, or from making posts without approval.
Note: This can become complicated to track when a deny permission is set in more than one group, and users belong to more than one of those groups. Be careful and frugal with the use of the deny permission setting.
