▄▄             ▄▄▄  ▄▄▄ Power
█  █ ▄▄▄▄ ▄▄▄▄▄ █  █ █  █
█▄▄█ █▄▄▄ █ █ █ █▀▀▄ █▀▀▄
█  █ ▄▄▄█ █ █ █ █▄▄▀ █▄▄▀

Login
Register
/ ad amd64 asm asmbb best bugs chat common debian deck design dll email fast fossil friendly gamedev heap help hiawatha incredible interop learning libfresh links linux meme meta.http-equiv money neo nginx numbers orly os outage pass password programmers programming resources script.alert.xss secret seo skins sodom source sourcecode support test work xss игнат котики парола русский тест уеб.програмиране хабр.наполеон
Categories Thread list

Purpose of limited access threads

Hi John:

I noticed in the Fossil repository that you are working on limited access threads and I wonder if these are intended for viewing and activity by logged in users, and so not visible without login?

In the opposite sense, will there be a configuration flag to disable adding new threads without being logged in?

Will there be a configuration flag to disable new logins?

If my understanding is correct then these features would provide the private forum capability that I asked about early in July in this post (15455).

A new forum database with the configuration flag set, followed by registration of all intended users, then disabling new registration would result in an empty thread list display until after a valid login. The limited access threads would then be visible.

Hope I've got the correct understanding.

Regards,

Chris

Well, the Limited access threads (LAT) are some kind of replacement for what is called "private message" (PM) in other forums. They are still not deployed here (because are not tested enough and need some database migrating script), so you can't see how they work, but I will try to explain.

The idea is to have threads where access (for reading and posting) have only the users invited by the author of the thread. It looks following way: the author checks a checkbox "Limited access thread" and enters the nick names of the invited users. Then posts the thread and all invited users can see this thread on the forum. All other users will not see the thread at all. Except for the forum admin of course.

The big advantage of LAT is that it allows communicating more than two users in one place (PMs are like email service). Another advantage IMHO is that this implementation shares most of the code, templates and database tables with the usual forum features.

I am not sure how this can be used for setting fully secret forum. You can try to set very low privileges for the new registered users (in the settings panel) and then to give posting privileges only to selected group of users. Then they should post only LAT and specifying all the group users. This way the forum will be private.

BTW, such behavior can be automated by modifying the templates with little JS that to check the checkbox and to fill all the users in the "invited" input field.

Of course, later the backend can be modified to provide hidden forums, but right now, I am not sure how all this should look like...

johnfound

... snip ...

The idea is to have threads where access (for reading and posting) have only the users invited by the author of the thread. It looks following way: the author checks a checkbox "Limited access thread" and enters the nick names of the invited users. Then posts the thread and all invited users can see this thread on the forum. All other users will not see the thread at all. Except for the forum admin of course.

... snip ...

I am not sure how this can be used for setting fully secret forum. You can try to set very low privileges for the new registered users (in the settings panel) and then to give posting privileges only to selected group of users. Then they should post only LAT and specifying all the group users. This way the forum will be private.

... snip ...

It's close to what I think would be suitable. The need to identify the invited users for each thread would be unworkable if there was a long list of them. As new users were registered in the future, the list of invitees would also need to be edited.

And how would a user be prevented from logging in after they had been "fired"? I don't see an admin function to disable permissions for an existing user.

crustyoz

And how would a user be prevented from logging in after they had been "fired"? I don't see an admin function to disable permissions for an existing user.

I will think about some kind of global "closed forum" setting that to allow reading all posts by only logged in visitors. The moment is right now, because I am playing with the permissions. ?rofl

crustyoz

And how would a user be prevented from logging in after they had been "fired"? I don't see an admin function to disable permissions for an existing user.

This is another feature that should be implemented soon. For now, I am using the SQLite console. It is pretty easy thought: update users set status=NNN where nick="crustyoz";

The NNN is computed as a sum of the following constants: permLogin = 1 ; Can login permPost = 4 ; Can post messages permThreadStart = 8 ; Can start threads permEditOwn = 16 ; Can edit his own posts permEditAll = 32 ; Can edit all posts (moderator) permDelOwn = 64 ; Can delete his own posts permDelAll = 128 ; Can delete all posts (moderator) permChat = 256 ; Can chat (if the chat is not public) permDownload = 512 ; Can download the attached files. permAttach = 1024 ; Can attach/edit/delete files to posts. permAdmin = $80000000 ; Forum administrator.

AsmBB v2.4 (check-in: 8bc9b47fcf53ebbd); SQLite v3.25.0 (check-in: 5a954533edbde58a);

©2016..2018 John Found; Licensed under EUPL.
Powered by Assembly language
Created with Fresh IDE

Icons are made by Egor Rumyantsev, vaadin and icomoon from www.flaticon.com