Best Of
Re: Any example of using the new sort & filter module?
^^ Absolutely agree.
With your plugin, I am gunning for something similar to what Discourse has done. With Discourse, one is never lost. You can sort, filter etc, it is a sweet ride.
Before I start hacking the code, what do you think is the feasibility of adding directional sort?
Something Like /filterdiscussion?CategoryID=NE:32&Type=EQ:Question&CountViews=GT:0&sort=CountViews:asc
&sort=CountViews:asc tells what column is to be sorted how.
FilterDiscussion Plugin - Answers about security
One of the plugin users raised questions about the plugin security and I answered them in separate comments. I wanted to put these aspects all together in one place.
- First, the plugin conforms to Vanilla permissions model - whatever parameters are used to display the discussions, they augment the Vanilla built-in permission model. For example, if a user does not have access to a category, no matter which filter is used the users won't see discussions in the unauthorized category.
- To use the plugin the user must have a special permission ('Plugins.FilterDiscussion.View') set in Roles. Since an admin is authorized for everything an admin may not notice that regular users cannot get results unless they are also granted that permission.
- The plugin dashboard defined which columns can be used for filtering so if you have additional columns (for example those defined by the Discussion Extender plugin) they can be disallowed to be used for filtering.
- Filter specifications can be saved as named filters hiding the parameters from end users.
Hope that answers some questions.
Re: Vanilla 2.8.1 - Clicking on notifications gives 'invalid CRSF token' error [RESOLVED]
Thank you both for your help.
The issue was caused by a modified me.php module.
Removing that resolves the issue.
whu606
Notice on new classes in Vanilla 2.8
As many of of you might have noted, the 2.8 release is around the corner. https://open.vanillaforums.com/discussion/36959/more-changes-in-vanilla-2-8-coming-feb-6#latest
There are a few things I'd like to note for addon developers in this release.
Note on new classes
We've added quite a few new subsystems that are not fully ready for public consumption. I'm trying to mark them with the @internal annotation, but I may not get all of them. With that in mind:
Don't use new undocumented classes, especially ones with the @internal annotation, unless you are ready and prepared to update them in the next release. We are actively iterating on these new parts of the framework, and some may have their public APIs, and classnames adjusted in the next release.
A few examples of of classes or namespaces like this.
- Vanilla\Formatting\EmbedManager
- Vanilla\Models\Model
- Vanilla\Models\PipelineModel
- Vanilla\Datebase\Operation
- Vanilla\Formatting\Embeds
- Vanilla\Models\DraftModel
- Vanilla\Web\PageController
- Vanilla\Web\Page
When these new pieces are completed we will document them publicly, deprecate old alternatives, and provide a clear path forward. Thank you for your understanding.
Re: how to write the validation using API format
@R_J I'll note best practice for these controllers (as documented) is to always have a `$this->permission()` call even if it's an empty string. This allows "default" permissions to be enforced (if the site is configured to have escalated default permissions).
Re: how to write the validation using API format
I do not really have read the documentation, I just wanted to quickly assemble some working code. Thanks for giving that extra information. But now that you have mentioned it, I have taken a look at the Schema docs and I have found that:
$schema = new Garden\Schema();
$schema([
's:name' => 'The title of the discussion.',
's:body' => 'The body of the discussion.',
's:format?' => 'The discussion format.',
'i:categoryID' => 'The category to place the discussion.',
])
->setDescription('Add a new discussion.')
->validate($body)
In this example the type shortcut and the name are the other way around. That looks like an error...
I also cannot see what 'score:i|n' => 'Total points associated with this post.', would mean (taken from the DiscussionsApiController). What does this "|n" stands for?
R_J
OpenID Connect and SSO Callback
I'm trying to set up a page (let's call it example.com) with embedded Vanilla comments. The idea is that when a user logs in to example.com they are also logged in to Vanilla via OIDC SSO.
A user can already log in to example.com using OIDC. During the log in process to example.com the auth provider gives all of its SSO targets an SSO token using an HTTPS GET call, e.g. vanilla.example.com?sso_token=abcd1234. The SSO targets should at this point store the SSO token e.g. to a cookie and later append it and another query parameter (prompt=none) to the authorization url to log in to the application silently without additional user interaction.
Are there any plugins that already implement this flow? I'm currently using the OAuth2 plugin, but it does not seem to support this use case.
Re: Issues setting up CAPTCHA
I can't remember what I did to make CAPTCHA happy, but everything is working fine now. The new 2.8.1 is now on line at https://hotboots.com/bol/ and impressing our users. Thanks!
Re: Looking for assistance with a new 2.8.1 installation
@Shadowdare and other Vanilla users --- Vanilla 2.8.1 is now on line at https://hotboots.com/bol/ and it's working great! It took a little work and a lot of input help from Hurricane Electric, our service provider, to get things set up properly, but once I got it going it's been working fine, surprising the Trustees and users by all the nice features.
Is there a Vanilla User Guide available anywhere that I could "steal" and post on the site to help introduce all of the various features of Vanilla to the users?
Thanks for a beautiful piece of software!
Larry Kenney
San Francisco
Re: Disable yellow flash when posting comment?
Add this to your CSS:
.highlight-effect {
animation: none;
}
