Updated: Comment #4
It is unclear that og_access must be enabled in order for group privacy settings to work.
The docs should be updated to be clear that Commons 3.3 and higher also require og_access to be enabled - not just Commons 3.2. In addition, I feel that the create group page should really provide some kind of indicator that the privacy settings will not work properly without taking additional steps that are outlined in the documentation.
- Update documentation to clearly indicate that og_access is required for group privacy settings to work properly in Commons 3.4.
- Add explanatory text to create group page to indicate that privacy settings will not properly hide content unless og_access is enabled (or unless instructions in docs are followed).
User interface changes
Original report by @runeasgar
In group "Privacy Settings" there are 2 options that indicate that content will be hidden from non-members:
- Joining a group requires an invitation - In the documentation, it is stated that this setting has the following effect: "The group and its content are hidden from non-group members."
- Joining requires admin approval - In the documentation, it is stated that this setting has the following effect: "The group is visible to non-group members, but its content is hidden, and a group administrator must approve the users' group membership requests."
I created 2 groups on stock Commons 3.4 using these 2 settings, then created test content in both (posts, questions, polls). In both cases, the group content was exposed and viewable (node display, as well) by authenticated non-members (home page - main section & recent activity) and anonymous users (just recent activity, since the main section is different).