Blog Documentation Try Vanilla Cloud
Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

Tagging Permissions

SebhaelSebhael
edited January 2012 in Vanilla 2.0 - 2.8

I'm trying to use Vanilla as sort of a catalog, and I'd like to restrict tagging to specific user-groups to ensure searching is accurate and streamlined. So I'd like to restrict general members from using tags, but allow other "staff" groups to insert and utilize them.

Any thoughts on this would help, thanks.

Best Answer

Answers

  • Options
    hbfhbf wiki guy? MVP

    modify the view to only show the tagging field when a permissions check passes. There are examples of this type of code in many other plugins.

    Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained

  • Options
    SebhaelSebhael

    I figured as much, but when I look at other examples it seems like they have specific permissions created for them. I couldn't manage to get it to work using "tagging manage" permissions, it just spit out "User Does Not Have Permission" errors.

  • Options
    hbfhbf wiki guy? MVP
    Answer ✓

    Sebhael said:
    I figured as much, but when I look at other examples it seems like they have specific permissions created for them. I couldn't manage to get it to work using "tagging manage" permissions, it just spit out "User Does Not Have Permission" errors.

    create a custom permission group and refer to it by name.

    Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained

  • Options
    SebhaelSebhael

    I got it by inserting

    $Session = Gdn::Session(); if ( $Session->CheckPermission('Garden.Users.Edit') ) { // All of the "Add The Tag Input to the Discussion Form" Code of **class.tagging.plugin.php** (roughly line 369) }

    Thread management will be a key part of any staff member's role, so I can just change that to Vanilla.Discussions.Edit and be alright.

    Thanks for the insight.

  • Options
    hbfhbf wiki guy? MVP

    Sebhael said:
    I got it by inserting

    $Session = Gdn::Session(); if ( $Session->CheckPermission('Garden.Users.Edit') ) { // All of the "Add The Tag Input to the Discussion Form" Code of **class.tagging.plugin.php** (roughly line 369) }

    Thread management will be a key part of any staff member's role, so I can just change that to Vanilla.Discussions.Edit and be alright.

    Thanks for the insight.

    NP. glad you got it working.

    Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained

  • Options
    x00x00 MVP

    securing only the display of the form means people could still get round this by drawing up their own post. You need to secure the submission of tags.

    grep is your friend.

Sign In or Register to comment.