Automatically, create, assign & enforce read permission for each new group

  • Resolved phantomdentist

    (@phantomdentist)


    11 years, 7 months ago

    It would be great to give editors the ability to add a group without allowing them access to assign capabilities to groups. This allows them to access admin functionality by assigning an admin capability to a group and then assigning themselves to the group, and we don’t want that ??

    If when a new group were created:

    1. a new capability was automatically create named after the group
    2. the capability was automatically added to the group
    3. the capability was automatically shown in the Access Restrictions metabox.

    then not only would it speed things up generally, but it would mean if a new groups options page Permissions option was added, which gave the selected role permission to add a new group, but nothing else, editors, or any other role, would be able to create groups and choose which content was accessible by which groups. This would mean editors can create as many groups as they like, extremely simply, and without a security risk.

    https://www.ads-software.com/extend/plugins/groups/

Viewing 1 replies (of 1 total)
  • Plugin Author itthinx

    (@itthinx)

    It would be quite easy to achieve this with an extension (plugin) that builds on Groups’ API:

    – Hooked on the groups_created_group action, apply steps 1, 2 and 3.

    Oh and of course, instead of using a role that allows to use that functionality, you can also create or use an existing capability, assign it to a group and thus allow members of that group to do it. But if it’s all editors, than letting them do it would probably be easier.

    I’m not sure if something like that should go into the Groups core, mainly because I’d like to keep it within its layer of abstraction without going too far up into use cases that build on basic ones. I would still consider the possibility though ??

Viewing 1 replies (of 1 total)
  • The topic ‘Automatically, create, assign & enforce read permission for each new group’ is closed to new replies.