Skip to main content
Topic: Membergroup Bug (Read 3655 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Membergroup Bug

I went to setting to allow member to select their group(s). Luckily I found this "beautiful magical" bug. When I checked to allow it for regular members, it displays the list of groups which include Global Moderator. Due to that, the admin menu also appears like magic for regular members. Exciting, isn't it? ;) How do I catch and pet this bug?  ;D

Re: Membergroup Bug

Reply #1

Well, after going through, I am not sure whether it is a bug anymore. I was thinking that group should be able to change his own membergroups but it should not give them an admin menu access even partially or choose global moderator group. But then, it might not be bug if this usual behaviour of that settings, right? Is it or is it not a bug?

Re: Membergroup Bug

Reply #2

So you went to admin > members > member groups > settings and ticked "regular members"?
Bugs creator.
Features destroyer.
Template killer.

Re: Membergroup Bug

Reply #3

Yup.

Re: Membergroup Bug

Reply #4

Then it's not a bug, but something to use with caution.
This setting means that any group ticked in that list acquire the permission to "manage" member groups.
To do an example: I am a regular member at your forum, and you give me this permission, I can add and remove member groups (except for protected ones) to anyone on the forum. ;)

What you are likely looking for, is create a joinable group to allow your members to select it?
Bugs creator.
Features destroyer.
Template killer.

Re: Membergroup Bug

Reply #5

That I have done. But I still think it is a bug and it should not be that way because it doesn't make sense to me. :P

If I were to allow an ordinary group member to edit group, that should be limited to ordinary membergroup (non-admin and non-moderator groups) and in their own profile only (not other people profile).

However, if that allowed group is a global moderator group, that should be limited to ordinary membergroup (non-admin and non-moderator groups) but he can do so to any profile.

That is what I have in mind on how it should be.  8)

Re: Membergroup Bug

Reply #6

Then, what you are looking for is member groups moderators, probably.

What you are assigning is the permission: "Manage and assign membergroups", and not a "Manage and assign membergroups the member belongs to". It's an administrative permission that means: the member can administrate member groups (except protected ones like admin), assign and revoke them.

I'm not sure I understood what you would like to obtain, but let's see with an example if we can understand better each other. ;)
You have a member that belongs to "regular members"[1] and "committers"[2].
You give him the possibility to change member groups the way you described above, so you give him the possibility to remove him from the "committers" group. At a certain point he does so, and remains a "regular member". Now he belongs only to that group and he cannot add himself to "committers" again. Is that right?
Can we make it a real membergroup at some point? O:-)
Just because there is a committer group here
Bugs creator.
Features destroyer.
Template killer.

Re: Membergroup Bug

Reply #7

Quote from: emanuele – You give him the possibility to change member groups the way you described above, so you give him the possibility to remove him from the "committers" group. At a certain point he does so, and remains a "regular member". Now he belongs only to that group and he cannot add himself to "committers" again. Is that right?

Right. For regular member, ven if this permission is given, nobody should be able to promote / upgrade himself to another "higher rank" membergroup. He may, however, downgrade himself to purely ordinary membergroup.

The selectable list should be what he is allowed to choose all ordinary group except paid group. The intention is, I think, lesser job for mods and admins, as he can do so by himself if his membergroup is allowed to do so.

For commiters, they can upgrade others up to their level as they can modify not only their profile but others profile as well.

Re: Membergroup Bug

Reply #8

Okay, at least we now know this is not a bug, but the intended behaviour of the permission.
 emanuele will move the topic later

Now, on the feature idea.
I can see the "let me manage my own groups" a not so bad idea.
There may be some tricky issues though.
For example, I have seen frequently put members in groups meant to restrict accesses/permissions, in these cases people belonging to these groups should not be able to remove themselves from the group. But, it would not be possible to use the protected attribute for that, because protected groups are meant to be "protected" for assignation (e.g. only an admin can create another admin, but an admin can remove himself from the admin group), so another type of groups is necessary.
Bugs creator.
Features destroyer.
Template killer.

Re: Membergroup Bug

Reply #9

That is, if you mean to give permission to all regular membergroups.

But I mean to give only to certain qualified / trusted group, which is more retrictive I think. Plus, group with restricted access (count group is already excluded) should still be out of the list as it should be considered as higher in rank e.g. Open > Requestable > Restricted > Global Moderator. Paid group should be out of the list too. Seeeing this, if assign to certain trusted regular membergroup, they make change / add / reduce their open / requestable groups (e.g. fan club / car owner / school alumni etc).

Re: Membergroup Bug

Reply #10

Well, you are describing all the problems. ;)

The problem is you have to have:
protected groups (these *shall stay),
groups that can be assigned by people with the permission you are describing,
 groups that cannot be assigned by people with the permission you are describing (that, due to the complexity of the permission system may or may not be complementary to the previous one),
plus all the other type of groups we already have.

In the example you are giving there is:
 "paid" groups[1] should not have the option to be assignable by members with the permission you are describing,
* groups "with restrictions"[2] should not belong to the set as well.

TBH, more than another permission, this seems to me the role of the group moderator[3], with the additional option to assign a certain member group to moderate a member group instead of a single person, so that anyone belonging to the first group can add/remove members to/from the other group (and the two groups can be the same as well).
Does it make sense?
Remembering there is nothing as "paid groups" at the moment, there are groups that can be assigned when a member subscribes to a paid subscription, that is a different thing, because it's not the group that is created to be "paid", but is the paid subscription that "decides" to use a particular groups for something particular. Small difference, but significant. ;)
Remembering that the "group" doesn't really know if it has restrictions or not, it's only the person that creates such a group to know what the group can do.
A group moderator can basically assign/revoke a certain group to anyone.
Bugs creator.
Features destroyer.
Template killer.

Re: Membergroup Bug

Reply #11

Lols. The problem at the first place was regular membergroup can be assigned with that power. It is fine for the global moderator group to be given that authority but definitely not regular membergroup. That is the bug.

Re: Membergroup Bug

Reply #12

Then I have to say I'm a bit lost... :-[ (Sorry, probably thinking about too many things.)
I'll let others comment. ;)

I just want to add that I (personally) wouldn't give my global moderators the permission to appoint other global moderators, not because I don't trust them, but because I trust them as global moderators, but I'm not sure if I can trust them as people appointing global moderators.
Bugs creator.
Features destroyer.
Template killer.

Re: Membergroup Bug

Reply #13

Well, the functions and settings are already in there by default. If it is useless or dangerous, better take them out.

Re: Membergroup Bug

Reply #14

I'm not sure its a bug, but it may not be obvious what "power" you are assigning when you check that box.

The example is
Go to Admin -> Members -> MemberGroups -> Settings   Then add "regular members" to the "Groups allowed to change membergroups"

This will then allow any regular member the ability to go to their or anyone's profile and assign members as Global Moderators.  Yikes!

We may feel that it should not be possible for a member to assign any group membership to a level that is > than your current level of permissions.  For example if you were a manager at a company you can't promote someone to be a VP. 

The problem is, I think at least, is that the permissions system other than Admin and maybe Global Moderator, does not really know what groups are "powerful" since an Admin can create a Membergroup called Noobs and assign it as an admin, the system does not really know that Noobs is greater than regular members or even global moderator. 

So could be dangerous if it was not was you intended.  Maybe a warning that any member groups with this permission can assign any member on the forum to any of the listed groups.