HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Problems with editing signatures, adding tags, editing discussions, permissions problems - Yaga

RiverRiver MVP
edited July 2016 in Feedback

Numerous novices are installing Yaga for the first time. There are no screenshots, and no read me, and no explanations of Gotchas for the first time installers of yaga. and sparse documentation. Granted Yaga is a fine addition to the apps but, A plugin or app should do "No Harm".

So I am adding this info to aid new users......

Because yaga ranks is automatically enabled and there are several ranks that REVOKE permissions.

So you may have the correct permissions in the dashboard for a particular role or the timeout set for editing a discussion to a certain amount, yet it seems no matter what you do to the permissions in the dashboard users still cannot edit signatures or don't have permission to edit signatures or they cannot create tags or the editing window timeout is different than what you expect or non-existent.

Suddenly your users can't edit signatures
Suddenly your users can't create new tags
Suddenly your users can't edit discussions

these are a few of the problems a first time Yaga install can create.

To solve these permission revocation problems. You can do multiple things to correct.

  • disable ranks in dashboard.

  • or set

    $Configuration['Yaga']['Ranks']['Enabled'] = Disabled;


  • go to the ranks screen and edit the ranks - look at the drop down boxes and change revoke to default for the ranks.


delete the ranks and create your own once you know how to use them.


prevent rank from being awarded

Feedback to hgtonight

no, I am not going to fork myself and no I am not writing any more documentation, and no I am not making changes in github, I am making a general suggestion to prevent harm to new users.

While Yaga application is good in most ways, the setup and documentation are problematical
A plugin or app should do "No Harm".
the default installation could be better and cause less problems to novice users by setting in Application-Yaga/settings/configuration.php

$Configuration['Yaga']['Reactions']['Enabled'] = false;
$Configuration['Yaga']['Badges']['Enabled'] = false;
$Configuration['Yaga']['Ranks']['Enabled'] = false;

let the user enable via the dashboard not the reverse.

By enabling via dashboard upon install you don't run into these problems.

  • a flood of badges and notifications awarded even if you don't want badges. activity table flooded emails sent.
  • insidious problem where a new user has no idea they have changed permission settings for many users and have not idea how to solve.
  • perhaps reactions could be true but the others should be false in default setup.

other suggestions

  • yes a users can add those three config statements to /conf/config.php before installing - but how will they know.
  • Add some screenshots or animated gifs
  • warn users which permissions will change and how to change them in a readme.
  • add a bit more documentation to the downloaded plugin so users don't have to go to three sites to find information (at least some basic user documentation to prevent glitches.

You should at least add a warning to both the Description, a screen in settings and a readme, if the idea is to provide benefit and not harm.

One of the bigger reasons I am posting this is because some of the attempts at solving issue involve replacement of permissions table and other vodoo when it is actually revocation of permission due to yaga ranks.

Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.


Sign In or Register to comment.