Editing Articles

[wylek]

Something is wrong permissions work.

If you set permissions like this,


then users can edit their articles.


And if set like this,


then users can edit all articles!


It is desirable that, with this permission, users could edit only their own articles here.

[@rjen]

This is the way it should work :  manage articles grants permission to change all articles, edit own articles allows users to only edit their own...

What do you think is wrong?

[wylek]

How do I make the article management give permission to edit only its own articles?

[@rjen]

You don't , it's not meant to do that Manage articles is for ALL.

[wylek]

Well why, all this can be done here

Code Select Expand

function article_options($render = true)
{
global $scripturl, $txt, $context, $settings;

    $data = '';

if(!isset($context['TPortal']['article']['boardnews'])) {
// give 'em a edit link? :)
if(allowedTo('tp_articles') && ($context['TPortal']['hide_editarticle_link']!=1)) {

$data .= '
<a href="' . $scripturl . '?action=tpadmin;sa=editarticle;article=' . $context['TPortal']['article']['id'] . '"><img style="margin: 2px 4px 0 0;float:right" src="' .$settings['tp_images_url']. '/TPedit2.png" alt="" title="'.$txt['tp-edit'].'" /></a>';
        }
// their own article?
elseif(allowedTo('tp_editownarticle') && !allowedTo('tp_articles') && ($context['TPortal']['article']['author_id'] == $context['user']['id']) && $context['TPortal']['hide_editarticle_link']!=1 && $context['TPortal']['article']['locked']!=1) {
$data .= '
<a href="' . $scripturl . '?action=tpadmin;sa=editarticle;article=' . $context['TPortal']['article']['id'] . '"><img style="margin: 2px 4px 0 0;float:right" src="' .$settings['tp_images_url']. '/TPedit2.png" alt="" title="'.$txt['tp-edit'].'" /></a>';
        }
}

[@rjen]

Of course you can put the icon there, but permissions are also checked in the admin section... it will require more changes, and since this is not how it is supposed to function we cannot support it.

[tino]

How do I make the article management give permission to edit only its own articles?

What do you mean article management?

As rjen has said, an user can either edit their own articles only, or they can edit all articles.

I don't quite understand what you are looking for?

[@rjen]

How do I make the article management give permission to edit only its own articles?

What do you mean article management?

As rjen has said, an user can either edit their own articles only, or they can edit all articles.

I don't quite understand what you are looking for?

I think he wants to give users full admin access to articles, but only their own articles. Might be nice to give users access to select the category and icons for their articles, but not something TinyPortal is designed to facilitate...

[tino]

But then you have to give them access to categories or only certain categories. It becomes quite messy...

If the privileges were rewritten completely this might be doable, it's certainly easier in 2.0.x than it was in 1.6.x

If wylek would like to create a PR with the changes we can review and look to implement it if it doesn't have a negative impact or have security implications.

[@rjen]

Sure, I am open to contributions. I am just not sure how this would work out... it would also require access permissions on categories and more.

And what about te implications: you give non admins powers to make their articles featured, or sticky, and change all layout options and so on....

Since this is the first time this question comes up I wonder how many admins really require this functionality ?

[lurkalot]

Sure, I am open to contributions. I am just not sure how this would work out... it would also require access permissions on categories and more.

And what about te implications: you give non admins powers to make their articles featured, or sticky, and change all layout options and so on....

Since this is the first time this question comes up I wonder how many admins really require this functionality ?

I guess this wouldn't be such a bad idea, if you could let them choose from a selection of categories set out and set up by admin in the first place, with those layout options already predefined. Exceptions would be the featured and sticky options of course.

[wylek]

For users, when creating or editing articles, all these settings are not needed. This is the privilege of administrators! I made restrictions as on the DLE engine and now I am calm that someone will not delete a category or article. The archive contains the files where I changed the code. This is the TinyPortal version from here - https://github.com/Tinyportal/TinyPortal.

[@rjen]

What is the DLE engine 

[@rjen]

I can see what you tried to do, but I cannot agree with the way it is done. To me it seems that you are ripping out some of the Tinyportal permissions and tie-ing parts directly to admins only.

The idea is that with TinyPortal you can grant TinyPortal admin permissions to members that are NOT forum admin. That's lost now, and that is not something that other TinyPortal users may want (I do not want this on my site for sure).

Then I see that certain admin related options are hidden from view to non-admins, but non-admins may still be able to access sections that you don't want if the know the address?

[@rjen]

Example: even though you suppressed the link to it, a user can still delete categories or create new ones...

By simply accessing this link: yourforum/index.php?action=tpadmin;sa=categories

[@rjen]

If I checkout what you did it seems that you want non-admins to have slightly more options when they create / change articles.

In summary:
They still should only edit their own articles (and not those from other users) but you want them to access more fields in the article (see attachment):

Created at
Approved
Type of article
Status (active not active)
Category
Additional status (Frontpage / sticky / locked)

Is that correct?

[wylek]

If I checkout what you did it seems that you want non-admins to have slightly more options when they create / change articles.

In summary:
They still should only edit their own articles (and not those from other users) but you want them to access more fields in the article (see attachment):

Created at
Approved
Type of article
Status (active not active)
Category
Additional status (Frontpage / sticky / locked)

Is that correct?

Yes, that would be desirable. You can add one more option in the admin panel.

[@rjen]

Well, the approved option will not go in there: there is a special permission for that so that admins can choose what membergroups may submit without approval and what membergroup requires approval first

The other options may be considered, although the switch BBC / HTML kind of goes against the idea that admins can choose what kind of articles you allow members to write, but I guess that option could be tied to the permissions to submit both types of articles.

I am just not sure this is something that we want to make part of the 'core'functionality...

I would need to have the opinions of other team members on that...