New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
activity river and invisible group bug 1.7 (Trac #2029) #2029
Comments
moosetrout wrote on 40246516-07-11 We're seeing this in 1.6.1 as well. |
Milestone changed to |
trac user ugomatic wrote on 40475036-01-12 As a solution to this, I propose that in the case of invisible groups, the default access level is set to Group-only for all content posted on the group, over-riding both site and personal access levels. In order to keep things simple, users should be able to post in invisible groups only with the following access levels: (1) that Group, (2) private, (3) if possible, collections of friends where all friends are part of that invisible group Group members should be made aware that they have joined an invisible group, perhaps with a pop-up notification upon accepting the invitation. Apart from the current obvious problem with posting group activity on the river, there is a second one: even if I delete the original activity, it will still be listed on the river for all users to see. |
cash wrote on 40475216-06-30 Deleting content should remove entries from the river. If you are not seeing that, please open up a separate bug report (especially if you are using the latest from the 1.7 branch in svn). |
trac user ugomatic wrote on 40475393-01-01 You're right, this is a different issue - already covered by ticket #1856: http://trac.elgg.org/ticket/1856 |
cash wrote on 40489064-04-14 Current 1.7 branch does not display the group name or group icon, but it does display the title of the topic. Interestingly enough, the icon displayed is that of the current logged in user when the user does not have permissions for the group. The core issue is that Elgg's permission model does not work well with containers. Anything within a container should not have more permissive access than the container itself. The access library does not do anything like this right now. Fixing this is not a 1.7.2 issue so I pushing it back to 1.8. |
Milestone changed to |
Milestone changed to |
Milestone changed to |
@juho-jaakkola is this ticket not fixed by the fix of #6167 ? |
@jdalsem Yes it is. Thanks for reviewing the ticket! |
Original ticket http://trac.elgg.org/ticket/2029 on 40246381-11-30 by trac user Captain, assigned to unknown.
Elgg version: 1.7
clean install of Elgg 1.7 on DELL1950III CentOS 5.4 PHP 5.2.10 (cli) Apache 2.2.3-22 MySQL 5.1.39 using base/remi/epel repos
invisible groups working perfect by create group then edit group and set group access to group name
PROBLEM:
the river activity displays to public (and all other user levels) the discussion of the invisible group (group icon, group name, discussion title, first few lines of the discussion text) betraying the invisible status of the group and breaking the privacy of the group
no 3rd party plugins installed. the error can be reproduced with out of the box 1.7 curverider plugins only
http://community.elgg.org/mod/groups/topicposts.php?topic=472747&group_guid=179063/
The text was updated successfully, but these errors were encountered: