Membergroups again... :-(

[dekay]

Since 2 years I'm working with SMF - and always I get stuck with that (sorry) stupid membergroups handling, especially primary/secondary usergroups.

Acually I'm about to upgrade that SMF1 forum to SMF2.

One great new feature I was hoping for are the requestable membergroups.

Problem: all my existing users have no primary usergroup set.

When a user requests a membergroup, this one is set as primary usergroup. If that membergroup - for example - just allows one addional Subforum - he will see nothing else except that one subforum, because that requested membergroup is set as primary membergroup.

Ok, workaround could be: setting a basic primary usergroup for all existing users.

But: what about new users?
("default membergroup on registration" mods are only for 1.1.x yet or discontinued)

Has anyone an advice?
Or did I oversee something?

[Aleksi "Lex" Kilpinen]

I don't think it works like that *think*
I believe groups in 2.0 can be set to be defaulted as secondary groups,
and furthermore a primary group does not deny access to areas allowed for secondary groups.

Have you experimented with these at all, or just assumed how they work?

[dekay]

I believe groups in 2.0 can be set to be defaulted as secondary groups,

Hmmm. Since yet i've found no option to do that.

and furthermore a primary group does not deny access to areas allowed for secondary groups.

If a (new) User has NO primary and NO secondary group he can read/write all boards that all "registered" Users can access by default.

Now let's assume there is one group "JOIN THE HIDDEN BOARD" he could choose via 'requestable' function. This group does nothing but allowing access to a Board invisible to regular users.

From the moment he joins that group he will no longer be "regular" user. His primary membergroup will be "JOIN THE HIDDEN BOARD" and he has only access to this board.

Have you experimented with these at all, or just assumed how they work?

Tested.

[Aleksi "Lex" Kilpinen]

If I'm correct you can make a group default to secondary through Admin -> Members -> Membergroups
Modify the group you want, and select Visibility: Invisible

And to make a primary group not override regular member access levels, just make that primary group to have the same access and permissions levels as regular member + the one additional board.

[dekay]

If I'm correct you can make a group default to secondary through Admin -> Members -> Membergroups
Modify the group you want, and select Visibility: Invisible

What have visibility settings to do with setting a group to be default?
I'm going to try this, but it doesn't make sense to me so far.

And to make a primary group not override regular member access levels, just make that primary group to have the same access and permissions levels as regular member + the one additional board.

?

This would make requestable usergroups completly worthless.
How to combine different access rights from different member groups?

[Aleksi "Lex" Kilpinen]

If I'm correct you can make a group default to secondary through Admin -> Members -> Membergroups
Modify the group you want, and select Visibility: Invisible

What have visibility settings to do with setting a group to be default?
I'm going to try this, but it doesn't make sense to me so far.

I only thought of that because Primary groups in SMF have always been the visible groups, and secondary groups have always been invisible groups.

And to make a primary group not override regular member access levels, just make that primary group to have the same access and permissions levels as regular member + the one additional board.

?

This would make requestable usergroups completly worthless.
How to combine different access rights from different member groups?

No it would not make them wortheless, that way it would keep the rights and access that regular members have, AND add the one board you specify....

[Aleksi "Lex" Kilpinen]

How to combine different access rights from different member groups?

EDIT:
Thought of permissions there for awhile... sorry.,

You COULD make basic access rights be part of post count groups,
and then add further access rights with secondary / primary groups,
as I think a group will not take away post count based access (but I haven't actually tested this... )

[dekay]

I don't think the "workaround" with post count groups will work. And if it would be really just be a workaround because the membergroups system does not work like it should

Rights management MUST work (can't find the right expression...) by combining the rights of the selected groups.

Example:

Group A - acesss rights to board A
Group B - access rights to board B
Group C - access rights to board C

Some users will be regular users + A
Some users will be regular users + B + C
Some users will be regular users + A + C
Some users will be in all groups

And SMF actually WORKS this way by adding rights (as far as I found out)

The problems start when member groups that meant to be used as 'secondary' groups (with addional rights) are set automatically as primary groups.
This happens when no primary group is set and SMF sets a requested group.
But there is no way (?) to set a primary group by default.

I would call this a bug.

But maybe I just don't get it...

[Aleksi "Lex" Kilpinen]

Example:

Group A - acesss rights to board A
Group B - access rights to board B
Group C - access rights to board C

Some users will be regular users + A
Some users will be regular users + B + C
Some users will be regular users + A + C
Some users will be in all groups

And SMF actually WORKS this way by adding rights (as far as I found out)

Yes, that seems like a possible scenario to me I actually have a 1.1 board set up pretty much like that.

The problems start when member groups that meant to be used as 'secondary' groups (with addional rights) are set automatically as primary groups.
This happens when no primary group is set and SMF sets a requested group.
But there is no way (?) to set a primary group by default.

But this part here, I still think you can make the group secondary just as well. But before I get to arguing about it, let me test this

[Aleksi "Lex" Kilpinen]

Yup, just tested and a group set to be invisible will NOT be made primary.
It will default as secondary, even though the member has NO primary group set.

[dekay]

AAAAAAAAAAAAAAAAAAAAAAARRRRRRRRRRGGGGGGGGGGGGGGGGHHHHHHHHHHHH!
_{(sorry, just had to scream...)}

Yes, it works.

Are the ones that coded this still around?

Could someone come up with a good explanation what "visibility settings" have to do with primary/seconary membergoups?


Even if this is a way to prevent a group from being used as primary group:
why is there no (separate) selector to set a "group" as 'secondary only' or 'primary only'?

Plus: the integration of something like the "Default membergroup mod" into SMF2 would be another step to get rid of problems like the above.

[Aleksi "Lex" Kilpinen]

I do hope this gets documented later on As I can see clearly how confusing it might be, if your not completely familiar with the way the groups work...

[dekay]

Big thanks so far.

this was really an issue that had to be solved before changing to SMF2.


@devs: Mixing several config-things like that makes SMF a less "simple machine" and more confusing.

[Aleksi "Lex" Kilpinen]

Big thanks so far.

You're welcome

Now, if you feel this is solved for now, remember to mark the topic solved

EDITED TO ADD:

For others possibly thinking of this same issue,
Primary groups in SMF have always been the visible groups *(adding a title and such),
and secondary groups have always been invisible groups (only admins see these in 1.1 boards).
Keep this in mind, and you can see the logic behind the new group system

[dekay]

lol...

I always thought that I misunderstood something very fundamental when getting used to SMF. 

Thank you for telling me


(Could anyone please write a tutorial "SMF Group and Access System and how to use it properly?") 

[Aleksi "Lex" Kilpinen]

(Could anyone please write a tutorial "SMF Group and Access System and how to use it properly?") 

I think for 2.0 it is a work in progress - Or I hope so at least

But generally:

Membergroups
Permissions

Permissions by Membergroup [1.1 Only]
Permissions by Board [1.1 Only]