Hiding the Edit button on comments

edited September 2006 in Vanilla 1.0 Help
I'm new to all this Vanilla goodness, but I want to use it in my classroom. Please be very elementary in your answers so I know exactly how to implement it. How do I go about hiding the "edit" button from members (but not administrators)? Or is there a way to see all the different editions of a comment as an administrator? Because I'm working with middle school students, I have to worry about all the different ways they could use this great tool for cheating. They aren't able to delete their comments, so that's good, but I don't know how to stop them from posting the answers to an assignment, then later going back and changing the post to something harmless... As long as I have a way to see what all the editions of their post said, or disable the edit button...

Comments

  • http://lussumo.com/addons/?PostBackAction=AddOn&Success=1&AddOnID=161
  • that's a lot of backslashes
  • hey wallphone, i just had a look at your source.
    if ( $Comment->Context->Session->UserID < 1 && !$Comment->Context->Session->User->Permission('PERMISSION_EDIT_COMMENTS') )
    will this really work? it seems to be saying "if your userID is 0 (i.e, you're the admin), AND you don't have permission to edit all comments, then remove the edit links"
    shouldn't it be if ( $Comment->Context->Session->UserID > 0 || !$Comment->Context->Session->User->Permission('PERMISSION_EDIT_COMMENTS') )
    instead?
    or am i reading it wrong?
  • also:
    as wallphone notes in his addon, this can be bypassed rather easily. i don't think this functionality is fully possible right now without a theme/addon combination, and possibly even some changes to the core.
  • Oops--errors fixed. One side effect is that the 'edited' flag also changes to 'ed'. I got this pulled from code of another extension I am wrking on currently. Will flesh this one out more when I am done with the others, possibly removing the 'hackable' ability. This will still at least give the functionality needed.
  • ithcyithcy New
    edited September 2006
    One side effect is that the 'edited' flag also changes to 'ed'.

    well, hopefully no threads will be 'edited' anyway :)
  • @ithcy: A UserID of 0 indicates that the user is not logged in.
  • @Wallphone, @ithcy: Is it very easy to break bypass attempts. I did it in the DiceRoller extension.

    This is a commented excerpt of the code I used:
    if (in_array($Context->SelfUrl, array("post.php"))) { // DELEGATION FUNCTION TO VALIDATE EDIT function DiscussionForm_DiceRoller_EditValidation( &$DiscussionForm ) { $pba = $DiscussionForm->PostBackAction; // PREVENT ACCESS TO THE EDIT FORM AND SAVE OPERATIONS FOR COMMENTS // WHICH MEET A CERTAIN CONDITION if ( $DiscussionForm->Comment->CommentID != 0 && ($pba=='' || $pba=='SaveDiscussion' || $pba=='SaveComment') ) { // CHECK THE CONDITION if ( !$DiscussionForm->Context->Session->User->Permission('PERMISSION_EDIT_DISCUSSIONS') ) { // BREAK THE EDIT ATTEMPT $DiscussionForm->Context->WarningCollector->Add( $DiscussionForm->Context->GetDefinition("NoEditWarning") ); $DiscussionForm->FatalError = 1; return; } } } // Add function todelegate $Context->AddToDelegate('DiscussionForm', 'PostLoadData', 'DiscussionForm_DiceRoller_EditValidation' ); }
    Hope it helps
  • Thanks so much! I can trust my students now! :-)
  • You might want to let yourself view all whispers, too. p.s. Stop trying to stop kids cheating. That's half the fun of being at school!
  • Thank you Arturo! With that ability removed from the users, I feel comfortable calling this version 1.0 now. It still feels a bit hacky, as the link and its list item are still in the source, but I will get those out sometime later.

    Fixed the edited => ed bug also.
  • @a_magical_me: ah, i always forget :)
  • edited September 2006
    Nah, stopping kids from trying to cheat is half the fun of teaching... The other half is June, July, and August... :-) And how do you view all whispers?
  • Its part of the role permissions.
This discussion has been closed.