vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Change default permissions in admincp (https://vborg.vbsupport.ru/showthread.php?t=279388)

Ombra 03-01-2012 12:05 PM
Change default permissions in admincp
 
I have my forum set up in such a way that I never use default usergroup/moderator permissions in the admincp.

It's a security risk because if I miss something, I may give someone access to something they shouldn't have. I would like to change the default permissions to something that is "always safe" for the way I run my forum so I don't have to worry about overlooking something. What code do I need to edit to change the default options?

Is bitfield_vbulletin.xml the file I need to edit to do this? Could I edit this file directly, or do I need to do it from somewhere else? I'm a bit intimidated by it, but willing to try to figure it out... I just want to make sure I'm on the right track.

kh99 03-01-2012 01:17 PM
I don't think you wnt to edit any of the xml files, I believe they just assign names to specific bits. If you're talking about the default settings when you create a new usergroup, I think they're in admincp/usergroup.php around line 125:

PHP Code:
else
{
    $ug_bitfield = array(
        'genericoptions' => array('showgroup' => 1'showeditedby' => 1'isnotbannedgroup' => 1),
        'forumpermissions' => array('canview' => 1'canviewothers' => 1'cangetattachment' => 1,
        'cansearch' => 1'canthreadrate' => 1'canpostattachment' => 1'canpostpoll' => 1'canvote' => 1'canviewthreads' => 1),
        'wolpermissions' => array('canwhosonline' => 1),
        'genericpermissions' => array('canviewmembers' => 1'canmodifyprofile' => 1'canseeprofilepic' => 1'canusesignature' => 1'cannegativerep' => 1'canuserep' => 1'cansearchft_nl' => 1)
    );
    // set default numeric permissions
    $usergroup = array(
        'pmquota' => 0'pmsendmax' => 5'attachlimit' => 1000000,
        'avatarmaxwidth' => 50'avatarmaxheight' => 50'avatarmaxsize' => 20000,
        'profilepicmaxwidth' => 100'profilepicmaxheight' => 100'profilepicmaxsize' => 25000'sigmaxsizebbcode' => 7
    );


Ombra 03-02-2012 04:52 AM
Quote:
Originally Posted by kh99 (Post 2305034)
I don't think you wnt to edit any of the xml files, I believe they just assign names to specific bits. If you're talking about the default settings when you create a new usergroup, I think they're in admincp/usergroup.php around line 125
I did edit the xml file "bitfield_vbulletin.xml" to change the default moderator permissions. I added or removed "default="1"" and this worked. I didn't touch the numbers though. I also edited the code you quoted in usergroup.php and that worked for the usergroup defaults. Thanks.

Now I'm trying to track down the avatar gallery defaults. My forum uses the galleries extensively and now that it's several years old we have many "retired" galleries where we change all the "can use" usergroup permissions to "no". This allows members to keep the avatar but the galleries no longer appear on the list. Problem is, since these permissions default to yes, any new usergroup causes us to have to go through all the permissions again to change them to "no". I want all galleries to default to "no" so I just have to switch the registered usergroup to "yes" when I create the gallery.

The page with these permissions is images.php in the admincp directory. I found "$canuse" in the code, but it isn't clear to me where the default setting is specified.

Is this the right section of code to specify the default permission?

PHP Code:
// ###################### Start Edit Permissions #######################
if ($_REQUEST['do'] == 'editpermissions')
{
    $vbulletin->input->clean_array_gpc('r', array(
        'imagecategoryid'    => TYPE_INT
    ));

    $categoryinfo verify_id('imagecategory'$vbulletin->GPC['imagecategoryid'], 01);
    if ($categoryinfo['imagetype'] == 3)
    {
        print_stop_message('smilie_categories_dont_support_permissions');
    }

    $usergroups $db->query_read("
        SELECT usergroup.*, imagecategoryid AS nopermission FROM " TABLE_PREFIX "usergroup AS usergroup
        LEFT JOIN " TABLE_PREFIX "imagecategorypermission AS imgperm ON
        (imgperm.usergroupid = usergroup.usergroupid AND imgperm.imagecategoryid = " $vbulletin->GPC['imagecategoryid'] . ")
        ORDER BY title
    ");

    print_form_header('image''updatepermissions');
    construct_hidden_code('table'$vbulletin->GPC['table']);
    construct_hidden_code('imagecategoryid'$vbulletin->GPC['imagecategoryid']);
    print_table_header(construct_phrase($vbphrase["permissions_for_{$itemtype}_category_x"], $categoryinfo['title']));
    print_label_row('<span class="smallfont"><b>' $vbphrase['usergroup'] . '</b></span>''<span class="smallfont"><b>' $vbphrase["can_use_this_{$itemtype}_category"] . '</b></span>');
    while ($usergroup $db->fetch_array($usergroups))
    {
        $usergroupid $usergroup['usergroupid'];
        $canuse iif($usergroup['nopermission'], 01);
        print_yes_no_row($usergroup['title'], "iperm[$usergroupid]"$canuse);
    }
    print_submit_row($vbphrase['save']);
--------------- Added [DATE]1330669158[/DATE] at [TIME]1330669158[/TIME] ---------------

After some trial and error I found that editing the line "$categoryinfo = verify_id('imagecategory', $vbulletin->GPC['imagecategoryid'], 0, 1);" and swapping the places of "0, 1" changes the defaults to no. However, after testing it doesn't work properly. The defaults appear to be "no" but the galleries are still listed and I occasionally get the "smilie categories don't support permissions" error. I seem to be in the right general area, but there is more to it. Any help would be greatly appreciated.


All times are GMT. The time now is 06:36 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01046 seconds
  • Memory Usage 1,755KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete