Blog Documentation Book a Demo
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Roles - is this a bug, or am I stupid (or both)?

ercatliercatli
edited September 2006 in Vanilla 1.0 Help
I don't know what the default roles are in 1.0.1, but when I upgraded from 0.9.2 I inherited the roles I had then. So I have both "banned" and "unauthenticated" roles, among others. Because I am lazy, I have allowed both roles to read discussions, until recently I set one category so that "banned" could not read it. And now I find "unauthenticated" cannot read it, even thought the appropriate box is ticked. (I haven't tested by creating a dummy banned member, though I guess I could.)

Any ideas? (Maybe someone else could test please?

Comments

  • MinisweeperMinisweeper New
    Which role is at the top of your roles list?
  • ercatliercatli
    You've guessed it - banned is at the top and unauthenticated is at the bottom. I guess that makes a difference, but why?
  • MinisweeperMinisweeper New
    I'd suggest you move unauthenticated to the 1st or 2nd slot. I forget how the order of them actually creates precedences (if at all) but I think Unauthenticated is meant to be first (as it has least permissions - in this case though banned has fewer permissions so maybe that should be top).
    Try playing round with the order a bit and see if that helps.
  • ercatliercatli
    Nope, I think you are probably on the right track, but I tried all sorts of combinations and none made any difference. For the moment I just changed the category so that banned can see it (I don't really care who can read it, and I have no "banned" anyway) and voila "unauthenticated" can see it too. But the bug, if it is one, remains, and has just been hidden.
  • DinoboffDinoboff
    edited September 2006
    It is quite logical that a category hidden from some members is hidden too to unauthenticated, no? or people just have logout to read it.
  • DeniedDenied New
    What you're trying to do is illogical.

    Doesn't banning log a person out? Or, at least, prevent them from logging in again in the future?

    If you don't want banned people reading this category, you've got to disallow anyone not logged in, and those who are logged in, yet banned from viewing it. If all it takes to see the category that they shouldn't be seeing is for a banned person to log out, then it's not going to take the little buggers long to figure that one out.
  • ercatliercatli
    edited September 2006
    Yep. you're right, I just hadn't thought it through, because I didn't really have a need, I was just fiddling. It must be designed so that if any class of user is denied access, unauthenticated is automatically denied. Very clever. Thanks for helping me understand.

    Answer: bug? no. Stupid? Looks like it!
This discussion has been closed.