Hi, I've been researching usergroup permissions and how multiple groups interact with each other. From what I've read it seems like permissions are added "bitwise". For example, if a user has access to a mod in their primary group, but does not have access to it in any of their secondary groups, they will still gain access to the mod as long as at least ONE of their groups have access.

I.E. 001+000+000 = 001.

The mod is using $permissions and $vbulletin->bf_ugp.

The author is trying to tell me that if a user is a member of 3 groups, that all three groups have to have access permissions set for the mod or the user will be denied access. This seems like a load of bunk to me... Seems more like a coding error to me.

I just want to confirm how permissions are supposed to behave before I communicate back to them.

Thanks,

ErnestA.

As long as what your wanting to give your mods is OK in there primary group then they can, but if they can not do something in there primary group but there secondary group says OK then they are still NOT able to do so. Unless you set their primary group to allow member groups, then it will add both YES's of each group to the total YES's, NO's will still be NO's of course.

Thanks for the reply... Bad choice of words on my part... When I say a mod... I meant access to a given module installed, not a moderator. My bad...

Let's say a module has added access parameters which show up as part of the permissions which you set in any usergroup screen in the admincp.

Let's say the primary group is set to YES and the two secondary groups are set to NO.

The end result should still be YES to access shouldn't it?

In any case if "Allow member groups" is set to yes.... Then any combination of YES + NO (as long as there is at least ONE YES) will always equal YES, would it not?

Thanks,

That is correct.