Forum OpenACS Q&A: Strange permission behavior of forum package

Collapse
1: Strange permission behavior of forum package
Posted by Nima Mazloumi on 01/26/04 10:45 PM
Hi all,

I experience strange behavior with the discussion forum of dotlrn. When I create a new post as course admin everything is fine. I can read my posts. No problem.

But login in as simple member of the class and trying to view created posts I get the following message:

We're sorry, but it appears that you do not have the permission to perform this operation.

Trying to create a post works. But after its creating I receive the same message as above. I cannot even read my own posts.

I tried to reproduce this on the test server. But it was not possible to view the discussion forums at all. Even thou they exists. Are different installations used depending on the user role? Is this the reason why I cannot see the forum? But this would explain why even the course admin cannot see the forum portlet. Only through the admin page it is possible.

Greetings,
Nima

Collapse
2: Re: Strange permission behavior of forum package (response to 1)
Posted by Nima Mazloumi on 01/26/04 10:49 PM

Here are the permission settings of the forum

Name  							Read  Create  Write  Admin  Remove All  
Administratoren von Wirtschaftsprüfung - Lernmodule       			x     
Main Site Administrators            
Main Site Members            
Teilnehmer von Wirtschaftsprüfung - Lernmodule            x	x	x	
The Public            
Registered Users
Collapse
3: Re: Strange permission behavior of forum package (response to 1)
Posted by Nima Mazloumi on 01/29/04 09:04 AM
Fount out that I am not the only one making this experience:

Posts:
https://openacs.org/forums/message-view?message_id=156482

Bug:
https://openacs.org/bugtracker/openacs/com/forums/bug?bug%5fnumber=1338

Could it be that noone is assigned to discussion forum bugs at all? 16 Bugs are reported but non is processed.

Greetings,
Nima

Collapse
4: Re: Strange permission behavior of forum package (response to 1)
Posted by robert parker on 11/24/05 02:24 PM
This still seems to be a problem in "Forums 1.1.2d4" on "OACS 5.1.5"

I think I eventually worked round it by granting "write" permission to all "Registered Users" at the level of the forums package mount. Granting forum_write didn't help!

Does anyone have any comments on whether I've done the right thing (security-wise)?

I found it bewildering to have a page like "/permissions/one?object%5fid=NNN" showing a different set of permissions and grants from that shown on "/forums/admin/permissions?object%5fid=NNN". Can someone please explain what's going on ?

b.t.w. what's the difference between "Registered Users" and "Main Site Members" ?

yours, confused
Robert