Hiding the Edit button on comments

wafflestomper

I'm new to all this Vanilla goodness, but I want to use it in my classroom. Please be very elementary in your answers so I know exactly how to implement it. How do I go about hiding the "edit" button from members (but not administrators)? Or is there a way to see all the different editions of a comment as an administrator? Because I'm working with middle school students, I have to worry about all the different ways they could use this great tool for cheating. They aren't able to delete their comments, so that's good, but I don't know how to stop them from posting the answers to an assignment, then later going back and changing the post to something harmless... As long as I have a way to see what all the editions of their post said, or disable the edit button...

WallPhone

http://lussumo.com/addons/?PostBackAction=AddOn&Success=1&AddOnID=161

ithcy

that's a lot of backslashes

ithcy

hey wallphone, i just had a look at your source.
if ( $Comment->Context->Session->UserID < 1 && !$Comment->Context->Session->User->Permission('PERMISSION_EDIT_COMMENTS') )
will this really work? it seems to be saying "if your userID is 0 (i.e, you're the admin), AND you don't have permission to edit all comments, then remove the edit links"
shouldn't it be if ( $Comment->Context->Session->UserID > 0 || !$Comment->Context->Session->User->Permission('PERMISSION_EDIT_COMMENTS') )
instead?
or am i reading it wrong?

ithcy

also:
as wallphone notes in his addon, this can be bypassed rather easily. i don't think this functionality is fully possible right now without a theme/addon combination, and possibly even some changes to the core.

WallPhone

Oops--errors fixed. One side effect is that the 'edited' flag also changes to 'ed'. I got this pulled from code of another extension I am wrking on currently. Will flesh this one out more when I am done with the others, possibly removing the 'hackable' ability. This will still at least give the functionality needed.

ithcy

One side effect is that the 'edited' flag also changes to 'ed'.

well, hopefully no threads will be 'edited' anyway

a_magical_me

@ithcy: A UserID of 0 indicates that the user is not logged in.

Arturo G.

@Wallphone, @ithcy: Is it very easy to break bypass attempts. I did it in the DiceRoller extension.

This is a commented excerpt of the code I used:
if (in_array($Context->SelfUrl, array("post.php"))) { // DELEGATION FUNCTION TO VALIDATE EDIT function DiscussionForm_DiceRoller_EditValidation( &$DiscussionForm ) { $pba = $DiscussionForm->PostBackAction; // PREVENT ACCESS TO THE EDIT FORM AND SAVE OPERATIONS FOR COMMENTS // WHICH MEET A CERTAIN CONDITION if ( $DiscussionForm->Comment->CommentID != 0 && ($pba=='' || $pba=='SaveDiscussion' || $pba=='SaveComment') ) { // CHECK THE CONDITION if ( !$DiscussionForm->Context->Session->User->Permission('PERMISSION_EDIT_DISCUSSIONS') ) { // BREAK THE EDIT ATTEMPT $DiscussionForm->Context->WarningCollector->Add( $DiscussionForm->Context->GetDefinition("NoEditWarning") ); $DiscussionForm->FatalError = 1; return; } } } // Add function todelegate $Context->AddToDelegate('DiscussionForm', 'PostLoadData', 'DiscussionForm_DiceRoller_EditValidation' ); }
Hope it helps

wafflestomper

Thanks so much! I can trust my students now! :-)

Minisweeper

You might want to let yourself view all whispers, too. p.s. Stop trying to stop kids cheating. That's half the fun of being at school!

WallPhone

Thank you Arturo! With that ability removed from the users, I feel comfortable calling this version 1.0 now. It still feels a bit hacky, as the link and its list item are still in the source, but I will get those out sometime later.

Fixed the edited => ed bug also.

ithcy

@a_magical_me: ah, i always forget

wafflestomper

Nah, stopping kids from trying to cheat is half the fun of teaching... The other half is June, July, and August... :-) And how do you view all whispers?

Minisweeper

Its part of the role permissions.