I installed Forum Access which added the 'Forum Moderator' role upon installation however even with all the permissions, it would still not allow the forum moderator to edit/delete any forum posts. So I thought maybe something went weird during the installation so I uninstalled 'Forum Access" and 'ACL'. The 'Forum Moderator' role remained so I manually deleted that role.
I rebuilt the content access permissions and then continued to install 'ACL' and 'Forum Access' however the 'Forum Moderator' role was not added. I tried uninstalling, flushed all caches and then re-installed but I have the same problem, no 'Forum Moderator' role is being created.
Can somene please tell me where a trail of 'Forum Moderator' would be left behind in the database during an uninstall? Or is there something else that is preventing the 'Forum Moderator' being re-created. My thought was that the installation checked for an existing 'Forum Moderator' role before creating one. But I cannot find out what would be added from looking at the code.
Jason
| Comment | File | Size | Author |
|---|---|---|---|
| #5 | Devel-DNA.jpg | 64.78 KB | jasont28 |
Comments
Comment #1
salvisPlease follow the procedure that was displayed when you created this issue.
The Forum Moderator role is not created until it's actually needed. Define some users as moderators and you should see it again.
Comment #2
jasont28 commentedThank you Salvis. Sorry for not following the procedure outlined above the issue post. I actually thought it was just a disclaimer of sorts and didn't read it. My mistake.
The Forum Moderator was created after a user was given forum moderator privileges.
I installed the Devel module but don't have much experience with it. The "attach a screenshot of the DNA information" mentioned in the issue procedure, is that referring to the Devel information in the footer that is displayed? I have attached an image of that information but if this is wrong, can you please inform me of where to locate the DNA information.
Devel Information
I have given a user by the name of "authenticated user" the "Forum Moderator" privileges thus they have the forum moderator role.
Jason
Comment #3
salvisYes, DNA is Devel Node Access. It's the right information, but it's scaled down and I can't read it (nor zoom it).
Please attach it here in the queue.
Comment #4
salvis'authenticated user' is a role — I hope you haven't actually created a user with that same name. This would cause unnecessary confusion.
Your terminology is completely mixed up, I don't understand what you're trying to say. 'authenticated user' and 'Forum Moderator' are roles. You cannot "give" one to the other. Please state on which page (URL) you did what.
Comment #5
jasont28 commentedYes we did create a user called 'authenticated-user' as it helps us know which roles are associated with which users when using Masquerade. However we have changed it to 'Joe' in the meantime so it doesn't cause confusion with this issue.
So 'Joe' has the 'authenticated user' role.
We add 'Joe' as a moderator for the forum container at admin/content/forum/edit/container/6 and save the page.
We are running the "content access" module on the site as well so we have unchecked all boxes for 'anonymous user' and 'authenticated user' at admin/content/node-type/forum/access. We also leave the "Give content node grants priority" value at zero.
We go to the user permissions page at admin/user/permissions. Forum Moderator has access to the following:
access content
administer nodes
access comments
administer comments
post comments
post comments without approval
create forum topics
delete any forum topic
delete own forum topics
edit any forum topic
edit own forum topics
We check the forum masquerading as user 'Joe'. 'Joe' cannot edit any posts.
We then check the 'Joe' user at admin/user/user/list however he has not been assigned 'forum moderator' as a role. We manually assign him the 'Forum Moderator' role but 'Joe' still cannot edit any forum posts.
I have attached the Devel DNA image of the forum page when masquerading as user 'Joe'.
Comment #6
salvisJoe is denied Update access because he's not allowed to use the input format of node/10 — you see this near the bottom of the screennshot.
Technically, Joe would be able to delete, but because he can't get to the edit page, he can't reach the [Delete] button.
In addition, you've given Joe a role with the administer nodes permission, so for him, Node Access is bypassed completely, anyway. You'd get the same behavior if you removed FA, CA, and ACL.
BTW, the first table should be color-coded, like admin/reports/status. Apparently, your theme hasn't implemented the appropriate classes.
I call this user 'account' — he has nothing but a bare account on the site.
Being Moderator for a container gives you only View and See ("Moderators receive all grants above"), which is what you'd usually have even without being Moderator. The grants are NOT inherited, so this probably does not what you think it does.
You could set priority to -1 and save a little performance, with the same result.
Did you assign all those permissions? You shouldn't do that. The only thing you're allowed to do with the Forum Moderator role is to rename it. Please delete the role and let FA recreate it. I recently updated the -dev version so that you cannot change the Forum Moderator permissions anymore. Please update to the new Forum Access — it should provide better guidance.
As mentioned near the top, this has nothing to do with node access.
The Forum Moderator role is assigned temporarily by Forum Access and removed again a fraction of a second later during the same page load. You should not assign it to any user.
When FA creates the Forum Moderator role, it displays the following message:
I was hoping that this would make it clear that the Forum Moderator role should be left alone, but I should have known better (you're not alone, of course). The current -dev version tries very hard to keep you from messing with it. Please update FA and tell me what you think.
Comment #7
salvisWhy does your title say "cannot create"? Are you sure Joe cannot create? DNA says he can...
Comment #8
jasont28 commentedThank you very much for the great help Salvis.
I didn't even think to check the input formats. We created a new input format for registered users and the moderators were then able to access the 'edit' section of the forum.
In all honesty, we have had a couple of security update messages showing but haven't updated modules just yet as the website is protected by .htaccess. This probably was why we didn't read the messages that recommended leaving the Forum Moderator role as is.
We deleted the Forum Moderator role and then let FA create a new one, only using the default permissions. We are using 'User Protect' and 'Permissions Lock' so this will allow us to stop our clients from assigning any users to the 'Forum Moderator' role. We haven't uploaded the -dev version yet as we weren't sure if it is production ready? Is it relatively bug free to use for the moment?
You changed this on post #4, there was never a problem with creating posts, it was originally because I overlooked the message that clearly says FA will create the 'Forum Moderator' role when a user is made a moderator.
We are using the basic Aquia Marina theme whilst we add the site functionality so not sure why it wouldn't color code the table. When moving to the front end design stage we will be using the Zen theme which does color code the admin/reports/status table.
Thanks again for your great assistance with this problem Salvis. We would have been tearing our hair out for days if you didn't inform us that it was the input format causing the issue. Even when we saw the NDA message, we didn't realize that creating the forum as an admin but then trying to modify it as a user with less format control would cause a problem.
Comment #9
salvisYes, the -dev version is ready to go. I recently added one last feature, namely the ability to hide the 'Forums' menu item for users that have no access to any forums. I'm having this tested actively in RC1 of the Image Gallery Access sibling module.
Based on the experience in this thread I'll add one last thing (a hook_update_NNN() function to remove any Forum Moderator role assignments) and I expect to release IGA 1.0 and FA 1.1 in about a week.
I don't know those modules. FA is now making a reasonable effort to guard the Forum Moderator role, but there are contrib modules that provide additional ways to process roles and users, and it's not possible to guard against these.
Oops, I meant to write 'delete' — fixed.
Thanks for your kind words.