Can nested categories inherit custom role permissions from their parent?
I'm just getting started with Vanilla so forgive me if this is a silly question. Suppose you have a "Secret area" heading category with sub categories such as "secret forum 1", "secret forum 2", "secret forum 3". If I set "Secret area" custom permissions to only visible and writeable by admins, can reliably count on its sub categories to have the same properties out of the box, or do I have to set custom permissions for every single sub category as well?
Best Answer
-
x00 MVP
@jportoles said:
That's the thing, documentation doesn't suggest there is any kind of inheritance but a child category with no custom permissions will not be visible if the parent has custom permissions set to "not view" for a certain role. Confusing. Input from the devs would be appreciated here.peregrine is right. but as soon as you need to set one permission for that Category, maybe something unrelated, it is no longer inherited. So it is safer to explicitly set the permission.
grep is your friend.
6
Answers
I could be wrong haven't tested, but I believe category permissions are not inherited.
What happened when you experimented?
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
It does seem to work as if it inherited permissions (that is, a non-admin user could not access the sub categories in my previous example) but there's no explicit mention of this anywhere nor I can find it in the documentation, hence why I ask whether this is a feature one can rely on or not.
you appear to be correct and I was incorrect in my assumption above, it does look like it is inherited. if you are worried. you can explicitly set sub categories with custom permissions as well.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
Permissions do NOT cascade subcategories.
You should set all permission for each category.
grep is your friend.
New categories inherit default category permissions
grep is your friend.
My initial thought it was not inherited. It may be the sequence of steps that affect things.
explain this @x00
As much as I want to believe you. and the evidence may be a coincidence. this was my empirical evidence
1 I had a category with a sub-category (initially)
/FoodCategory
/Applesubcategory of FoodCategory.
default category permissions for guests was viewing available for guests.
both category and subcategory viewable to guest
2
I changed /FoodCategory via custom permissions so it was not viewable by guest. via custom permissions.
I Did not change or edit Applessubcategory
I could not view Applesubcategory. as a guest.
3
I removed custom permissions of /FoodCategory
I could view Applesubcategory as guest.
But .... defining individual category permissions for each categories , leaves any guesswork from being made.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
You need to set Applesubcategory so view is NOT checked.
If inheritance worked, if FoodCategory was set to view you would be able to see Applesubcategory. But you can't.
You inherit form the parent not the child.
grep is your friend.
My point was changing parent category custom permissions affected child category! which seemed to indicate some sort of inheritance. At least if custom permissions is selected for the parent.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
Btw if you set Applesubcategory to view and FoodCategory not to view
You would see Applesubcategory even though it is "beneath" FoodCategory
This is becuase hierarchy is not enforced as a data structure.
Think of all categories as being independent of one another, then the hierarchy abstract build using nested set model
grep is your friend.
I understand what you are saying and I know you can change custom permissions on sub-category. I am saying experimentally the above results were produced. whatever theory we call it (inheritance or primogeniture or nothing).
meaning changing parent custom permissions did have some impact on the child if the child did not have custom permissions set.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
I think if you don't set any custom permissions, you might be right.
grep is your friend.
That's the thing, documentation doesn't suggest there is any kind of inheritance but a child category with no custom permissions will not be visible if the parent has custom permissions set to "not view" for a certain role. Confusing. Input from the devs would be appreciated here.
It looks like if there some logic which causes the permission Category ID to bubble up if there is no permissions.
However permissions are not additive, where they exist.
grep is your friend.
peregrine is right. but as soon as you need to set one permission for that Category, maybe something unrelated, it is no longer inherited. So it is safer to explicitly set the permission.
grep is your friend.