How to allow authorized users to edit their own scoops
sanoju - March 11, 2008 - 02:24
| Project: | Drigg |
| Version: | 5.x-1.20 |
| Component: | Code |
| Category: | support request |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
Hi,
I'm trying to configure Drigg so that authorized users can edit their own scoops.
Here's what I've done.
In drigg.module of version 1.20,
- added 'edit own drigg stories' permission to the array returned by drigg_perm().
- inside drigg_access(), changed
// Permission to update a story
if ($op == 'update' ) {
return user_access('edit drigg stories');
}
to
// Permission to update a story
if ($op == 'update' ) {
return user_access('edit drigg stories') ||
($user->uid == $node->uid &&
user_access('edit own drigg stories'));
}
Is there any better way to achieve this functionality?
Best Regards,
Junya
#1
Hi,
There isn't really a better way to achieve this.
I don't feel comfortable with adding this as an official permission, because people will eventually post a story, get votes, and change it. There are also issues (STRONG issues) with the fact that Drupal has default permissions for stories etc., and the risk is that stories will go unpublished as soon as users change them.
I will mark it "won't do" unless you can tell me about *compelling* reasons to allow it, and *show* (not "tell": "show") me that it doesn't have nasty side effects with Drupal.
Merc.
#2
Hi,
Alright, I am closing this as "by design".
Please reopen it with additional requested comment if necessary.
Remember to reopen this if you add a comment, or I might notice it in 2014
Merc.
#3
I think this is a _Very_ legitimate request! And there are loads of good reasons why Administrators should have a choice whether to allow their authenticated users to edit their own scoops or not. This is the drupal standard.
What you could do is at least to enable that choice for Admins and let them to decide on Pros and Cons of allowing the authenticated users to edit their own scoops.
A more sophisticated solution would be to automatically disable editing after a certain number of days, or once a certain number of votes is received on that node, or after it it promoted to the front page... or something like that.
i'm getting a lot of complaints from my users who forgot to use the preview button before submitting. And it creates a LOT of hassle and/or editorial workload for the administrators.
#4
Hi,
You do realise that a feature like this opens the doors to spammers... like, wide open?
Please add a feature request, where users should be able to edit their own stories and the ability to specify the number of days they are able to do so, and whether the module should allow editing of PROMOTED stories (a checkbox).
Then, please close this issue.
Since this is a rather trivial change, patches will be most welcome.
I still think it's madness, but well, we'll see.
Merc.
#5
i used the code given above and it seems to do the trick.
i will close this and open a new feature request (even though I hope it doesn't slow down what already seams to be a relatively slow module), even though all I'm saying is that drigg 21 should include this simple option for admins, that comes with all drupal content types by default anyway.
#6
Hi,
Thank you so much for your opinions. The status of this issue is "closed" now. I'm sorry for the late action. (I was hospitalized for a few days last month and have forgotten to check this site...)
Merc,
I wasn't aware of the spamming technique you described. I now see the risk.
drupalina,
thanks for supporting the idea. I'm glad to hear that our code was helpful.
I'll post a feature request (if no one did already). If we have enough time to implement the feature by ourselves, we'll post the code again. Thank you.