2017-05-05, 09:38 PM
I am suggesting/requesting two things.
I did a forum search for this topic and I have not found anything related to what I am going to suggest. Before I begin, I am aware the entire system is being redone from scratch and that there may or may not be any "obvious" changes that don't have to be listed.
Now, in the current system, we have permissions for users/usergroups (Just say a Super Mod as an example) with in the ACP, you can give the group/user permissions to EDIT User Profiles and what not, but currently if you give a Super Mod permissions to edit a user, they can change their user group to Administrator, or go edit other groups. They can make a registered member an Admin - even though they are just a Super Mod.
**Part of this is assuming this will also be applied to ALL settings**
Request / Suggestion One
A "ladder" permission system. Basically we can assign an "Order" to all groups - default or not (This is not a "Display order" but a "Ranking" order.
Basically we have this set up:
Admin - Owner
Super Mod - They make users Global mods/mods
Global Mod - They manage the forum - "ban" abilities
Moderator - Warn, move posts etc
Community Moderator - They manage a specific forum.
It should would sort of look like this in the ACP
Ranking / Access Level | Group Name | ACP "Display Order"
1 Admin 5
Owner
2 Super Mod 4
They make users Global mods/mods
3 Global Mod 3
They manage the forum - "ban" abilities
4 Moderator 2
Warn, move posts etc
5 Community Moderator 1
They manage a specific forum.
----
Now, with the "Access Level" or "Ranking" Anyone/anything LOWER than their "level" they can edit/change/modify. But anything or anyone above their "level" they cannot change/add/modify (This mainly applies to those groups who have access to ACP).
Example:
Super Mods have a level of 2, they can edit users or settings, so when Billy (Super Mod - Access Lvl 2) wants to edit Joe (Admin #5, Access lvl 1) they cannot change their user group or edit/access their profile/settings since it is above their level.
Likewise, we take Billy again and he wants to edit Rachael's user group, they cannot give that user a user group any higher than Global Mod since Billy is not "cleared" to do that.
Additionally, Billy can edit his settings since Billy is logged in as Billy but cannot give themselves the Admin group since it is above their "level".
This would also be applied to settings, each "setting" can be modified to change what access level is allowed to change/edit those settings.
Example:
Edit Users [ Access Level: 1, 2, 3]
Edit User's Primary Group [ Access Level 1 ]
Edit User's Secondary group [ Access Level 3 ]
So to sum it up:
A user who has any access level equal to lower than another access level, they cannot change those "things"
A user who has an access level equal to or higher can change those "things" - Meaning, Billy cannot make Gavin a Super Mod since Billy is a Super Mod. So they can change all setting that they have access to up to until their "Access Level"
Request Two
A better permission system which includes 2 options:
Basic (Standard) [Basically what it is currently like]
Advanced (In depth permission system)
-Set up "Access Levels"
The advanced permission system will be broken up into Categories (sort of like how it is now)
Example:
Users & Groups >> Admin Permissions >> User Permissions / Group Permissions / Default Permissions >> Set / Edit
Users & Groups
Can manage users?
-Yes
--Can change/set secondary groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can change/set primary groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can change/set passwords Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can change/set emails Yes/No Access Level: [List with #, for multiple use #, #, #]
-No
Can manage user groups?
-Yes
--Can create groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can edit existing groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can modify group settings Yes/No Access Level: [List with #, for multiple use #, #, #]
-No
That is a general idea of how it would work but that would be for all settings.
It would be in a sense where each setting group has settings and those settings have sub-settings.
Why is Request #1 needed?
- It is a "requirement" for Request #2.
Why is Request #2 needed?
- It also helps really have a say in who does what instead of having a general permission system where a Super Moderator can make themselves an Admin.
"Super Mods should be members you trust"
-Yes, they should be, but you should not have a group to have the ability to give themselves more power than what they were supposed to have, with that argument get rid of Super Mods and just have Mods and Admins.
I did a forum search for this topic and I have not found anything related to what I am going to suggest. Before I begin, I am aware the entire system is being redone from scratch and that there may or may not be any "obvious" changes that don't have to be listed.
Now, in the current system, we have permissions for users/usergroups (Just say a Super Mod as an example) with in the ACP, you can give the group/user permissions to EDIT User Profiles and what not, but currently if you give a Super Mod permissions to edit a user, they can change their user group to Administrator, or go edit other groups. They can make a registered member an Admin - even though they are just a Super Mod.
**Part of this is assuming this will also be applied to ALL settings**
Request / Suggestion One
A "ladder" permission system. Basically we can assign an "Order" to all groups - default or not (This is not a "Display order" but a "Ranking" order.
Basically we have this set up:
Admin - Owner
Super Mod - They make users Global mods/mods
Global Mod - They manage the forum - "ban" abilities
Moderator - Warn, move posts etc
Community Moderator - They manage a specific forum.
It should would sort of look like this in the ACP
Ranking / Access Level | Group Name | ACP "Display Order"
1 Admin 5
Owner
2 Super Mod 4
They make users Global mods/mods
3 Global Mod 3
They manage the forum - "ban" abilities
4 Moderator 2
Warn, move posts etc
5 Community Moderator 1
They manage a specific forum.
----
Now, with the "Access Level" or "Ranking" Anyone/anything LOWER than their "level" they can edit/change/modify. But anything or anyone above their "level" they cannot change/add/modify (This mainly applies to those groups who have access to ACP).
Example:
Super Mods have a level of 2, they can edit users or settings, so when Billy (Super Mod - Access Lvl 2) wants to edit Joe (Admin #5, Access lvl 1) they cannot change their user group or edit/access their profile/settings since it is above their level.
Likewise, we take Billy again and he wants to edit Rachael's user group, they cannot give that user a user group any higher than Global Mod since Billy is not "cleared" to do that.
Additionally, Billy can edit his settings since Billy is logged in as Billy but cannot give themselves the Admin group since it is above their "level".
This would also be applied to settings, each "setting" can be modified to change what access level is allowed to change/edit those settings.
Example:
Edit Users [ Access Level: 1, 2, 3]
Edit User's Primary Group [ Access Level 1 ]
Edit User's Secondary group [ Access Level 3 ]
So to sum it up:
A user who has any access level equal to lower than another access level, they cannot change those "things"
A user who has an access level equal to or higher can change those "things" - Meaning, Billy cannot make Gavin a Super Mod since Billy is a Super Mod. So they can change all setting that they have access to up to until their "Access Level"
Request Two
A better permission system which includes 2 options:
Basic (Standard) [Basically what it is currently like]
Advanced (In depth permission system)
-Set up "Access Levels"
The advanced permission system will be broken up into Categories (sort of like how it is now)
Example:
Users & Groups >> Admin Permissions >> User Permissions / Group Permissions / Default Permissions >> Set / Edit
Users & Groups
Can manage users?
-Yes
--Can change/set secondary groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can change/set primary groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can change/set passwords Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can change/set emails Yes/No Access Level: [List with #, for multiple use #, #, #]
-No
Can manage user groups?
-Yes
--Can create groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can edit existing groups Yes/No Access Level: [List with #, for multiple use #, #, #]
--Can modify group settings Yes/No Access Level: [List with #, for multiple use #, #, #]
-No
That is a general idea of how it would work but that would be for all settings.
It would be in a sense where each setting group has settings and those settings have sub-settings.
Why is Request #1 needed?
- It is a "requirement" for Request #2.
Why is Request #2 needed?
- It also helps really have a say in who does what instead of having a general permission system where a Super Moderator can make themselves an Admin.
"Super Mods should be members you trust"
-Yes, they should be, but you should not have a group to have the ability to give themselves more power than what they were supposed to have, with that argument get rid of Super Mods and just have Mods and Admins.