PDA

View Full Version : Creating a user and forum; setting permissions


tms1791
02-21-2009, 08:29 PM
I'm working on a script that hooks into the vB framework and from submitting one form, it creates a new user, a new forum, and gives permission to only that user to view/post in the new forum. Basically, we want our customers to have "private" forums that only them and staff can see & use.

I can create/set these things (user, forum, permissions, access mask) manually and it works just like I want it to, but when trying to do it all in one shot using my script, something's not getting done.

First, I'm creating a user - no problem. Looking at the user in the admin cp, everything's perfect.

Next, I'm creating a forum named after a custom field from the new user's profile (company name). Looking at the forum in the admin cp, everything's perfect.

Then I set the group permissions on the forum. I looked at forumpermission.php and basically copied the routine for setting all the groups to 'deny', but I'm excluding the admins, mods and superusers. Looking at the permissions in the admin cp, everything's perfect.

Finally, I set the access mask. For this I'm just inserting a row into the 'access' table, setting the fields as userid=$newuserid, forumid=$newforumid and accessmask=1. Looking at the mask in the admin cp, everything's perfect.

Now... when I load the vB home page in a different browser (I use Firefox normally, I use IE for testing so there are no cookie issues), I can see the forum I just created. I'm viewing the site as a guest - not logged in at all - and I also can't see the customer forums I set up manually (as it should be).

So something's not being done. Every setting is correct, according to what can be viewed in the admin cp, yet guests and other customers are still able to see the forum that they shouldn't be able to view.

I'm pretty sure the problem is in the section that's setting up the group permissions. Here's the code I'm using for that, plus the code for setting the access mask:
// deny all user groups except mods/admins
$groups = $db->query_read("SELECT usergroupid FROM " . TABLE_PREFIX . "usergroup");
while($group = $db->fetch_array($groups)) {
$mpssql = "REPLACE INTO ".TABLE_PREFIX."forumpermission (forumid,usergroupid,forumpermissions) VALUES ($forumid,".$group['usergroupid'].",0)";
if(($group['usergroupid'] != 5) && ($group['usergroupid'] != 6) && ($group['usergroupid'] != 7)) { // do not deny mods and admins
if(!$mpstesting) { $db->query_write($mpssql); }
}
}
// apply access mask for new user
$mpssql = "INSERT INTO ".TABLE_PREFIX."access (userid,forumid,accessmask) VALUES ($userid,$forumid,1)";
if(!$mpstesting) { $db->query_write($mpssql); }
(The $mpstesting variable is just a flag I'm turning on or off that, when on, keeps the script from actually "doing" anything)

Any suggestions? Before I go digging through a lot of vB code that I'm not too likely to understand very well (I have very little OOP experience), I'm hoping that someone can say "I see the problem, you're not doing <insert simple thing here>!". :)

If anyone wants to see more of the script, or even the whole thing, just let me know.

Dismounted
02-24-2009, 05:01 AM
Did you rebuild the forum counters, etc.?

Marco van Herwaarden
02-24-2009, 07:26 AM
Why do you need all this? Why not have 1 forum for all your users and set the permissions so they can only see their own threads?

Creating a large amount of forums (> 1.500) might lead to server problems.

tms1791
02-24-2009, 01:43 PM
Why do you need all this? Why not have 1 forum for all your users and set the permissions so they can only see their own threads?

Creating a large amount of forums (> 1.500) might lead to server problems.

That make entirely too much sense. Why would I want to make it so easy on myself?! ;)

Hadn't thought of that - I'll play around with the idea and see how it works out. Thanks for the tip!