moderated More granular permissions #suggestion


 

(starting a new topic)

I'm happy to suspend work on moderate-all-the-things to focus on improve permissions, but we need to decide what that would look like.

I'm hearing two different permissions-related requests. One is more fine grain moderation permissions, as talked about by Bruce:

My personal needs do not involve moderation, but fine-tuning of user permissions. Currently, there are some things only Moderators can do, thus I am forced to make some people Moderators who really don't perform a Moderator function. To really address this, I would like the member record to contain some kind of permissions grid. Allowing me to moderate things after the fact seems like a band-aid.

What are those things? Is this solved by adding more Moderator Permissions checkboxes?

And from J, I'm hearing that she wants improved permissions in the Files section, where she can allow some people to edit some folders but not others:

For files, I would prefer moderation at the folder level. I'm not sure whether this is what you meant.

What I'd really like is upload/edit permission to be granular at the folder level. I don't want people touching some of our informational files, but I do want people to be able to upload files about their own cats. Unfortunately, because it's currently a blanket permission, I don't let anybody upload or edit any files. But I think this is a separate issue.

It seems like those two requests are separate "permissions systems," for lack of a better term.

JohnF had an interesting proposal:

What might work for groups.io is a hierarchy of access permissions for each part of the group:

  1. No Access - Can't get in that area at all.
  2. Read-Only Access - Anything posted/uploaded needs approval.
  3. Write Access - Can post/upload and edit/delete your own items.
  4. Approver Access - Can approve/reject pending items, like moderated messages, but cannot edit or delete items belonging to other users.
  5. Moderator Access - Full access to that area.

But I'm not sure how that would encompass our existing Moderator Permissions checkboxes. Or do the moderator permissions exist as a separate entity, and JohnF's access permissions apply to the normal group sections, like Files, Photos, Wiki, etc. And do they apply "within" the sections, like to individual Folders, to address J's need?

Thanks,
Mark


 

On Mon, Apr 25, 2022 at 09:40 AM, Mark Fletcher wrote:
And from J, I'm hearing that she wants improved permissions in the Files section, where she can allow some people to edit some folders but not others:
Mark, should have made it clear that I wasn't proposing granularity at BOTH the member and the content level. Just one dimension: content. It's more "can allow people to edit some folders but not others," leaving out the "some people." It would be "all people." I can see things getting severely complicated if permissions were implemented in both dimensions. I was simply suggesting that "who can edit and upload files" could be a per-folder, or even per-file (although I don't need it down to that level) permission. Instead of "who can edit and upload files" being a group-level setting, it would be a setting for each (top-level) folder - like how wiki pages each have their own permissions. I'm afraid that making it both "per folder" and "per member" would be complicated to manage by users (aside from it possibly being complicated to implement). Of course, if that complexity can be smoothed out, I'd have nothing against it. But I personally don't need granularity at that level.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

Hi J,

On Mon, Apr 25, 2022 at 11:26 AM Janet_Catlady <JanetOliviaCatlady@...> wrote:

Mark, should have made it clear that I wasn't proposing granularity at BOTH the member and the content level. Just one dimension: content. It's more "can allow people to edit some folders but not others," leaving out the "some people." It would be "all people."

Wiki pages have a `Only moderators can edit this page` checkbox. You're asking for `Only moderators can make changes to this folder` on File folders?

Thanks,
Mark 


 

On Mon, Apr 25, 2022 at 11:40 AM, Mark Fletcher wrote:
But I'm not sure how that would encompass our existing Moderator Permissions
checkboxes. Or do the moderator permissions exist as a separate entity, and
JohnF's access permissions apply to the normal group sections, like Files,
Photos, Wiki, etc. And do they apply "within" the sections, like to individual
Folders, to address J's need?
I did intend for there to still be group-level permissions. For example, if you don't want your moderators to be able to edit messages, you can set that at a group level without having to set it for each moderator. But then, what if there is one specific moderator that you do want to be able to edit messages? Then, you could have three different settings for each moderator for the messages area: "Default", "Allow", "Deny". I'm trying to keep things from getting too complicated, though, and that might be too complicated.

Likewise, I wasn't expecting to establish permissions for individual folders, but it also depends on how important that is versus how complicated it gets.

Whatever you decide, consider hiding anything that seems complicated and not important for most groups behind an "Advanced Settings" link.

JohnF


 

On Mon, Apr 25, 2022 at 04:26 PM, Mark Fletcher wrote:
You're asking for `Only moderators can make changes to this folder` on File folders?
Mark,

That's the gist of what I'm asking for, yes.  I assume that for wiki pages, "Only moderators can change this page" comes up only if the group setting for wiki pages is that anyone can view and edit them (? my group has that setting, and I see the override boxes, but I don't know what happens if the group setting already restricts edits to moderators). So if the group setting for files is that anyone can view or edit, then I suppose that to implement what I'm looking for, specific folders would have an override as a checkbox ("only moderators can update files in this folder") just like wiki pages do. But there may be a better way to go about this.

I think you do want to maintain a group default and then specific elements (pages or folders) would allow overriding of the default. If the default is that only mods can update x, then x would have an override box to the effect that "all members can update x." That would be the case in my group, with files. My group's default is not to allow members to edit files/folders, but I would like members to be allowed to edit/upload to certain specific folders. So in my group, it would go the other way around.

I guess it doesn't matter which way you do it: (1) allow everybody and then override specific elements to restrict to mods, or (2) allow only mods and then override specific elements to open it up to all members.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

Hi Mark,

Not knowing what "moderate-all-the-things" group settings scheme you're thinking of, the ideas below may be not be that practical.

In order to stay away from the complexity a combined user plus object permissions system can devolve into, and assuming we're keeping it to Files-Folder access control (or possibly Photos-Album as well in the future), what about adding a new toggle property to the Folder, let's say LockOverride, db default Off/False.

When perusing Files, only if the group-level Files setting is "Members can view mods can upload", LockOverride's clickable icon gets enabled and displayed then, as either a closed lock (default-members cannot upload) or open lock (override-members can upload).  It gets appended to the folder's clickable options icon set, or possibly incorporated to the folder icon itself (but which would then require some linkage adjustment there).  All then an owner (or mod?*) has to do is click on that icon to either now unlock the folder for member upload or lock it back again.  (*I assume for simplicity we also default to allowing the mods as well to set this folder override and not add another checkbox in their permissions to control that)

For example, in a group where "Members can view mods can upload" files, a member would see the same screen as now but with the additional lock indicator as well, not-clickable for them of course:

(possibly add some color in the mix now for visual impact? For example, unlocked folders display the open lock in green, locked stay the same blue)

Same for mods, they see the same screen now but with the clickable lock indicator.

In any other Files group setting except the above, the icon is hidden and also doesn't apply or get checked during upload time.

This should be relatively easy to implement and can take care of Files folder-level access control, and can also be reused for Photos-Album later on, it doesn't interfere whatsoever with the current Moderator Permissions structure, and helps J and other folks (I can put it to use as well in my printer techie group Files section).  


For finetuning moderation/area/section permissions, it would be nice to be able to finetune certain settings permissions so you can handle troublemakers, let's say you have open Files but you want to prevent John Doe from uploading, or you want to handle folks who are supposed to help you do some task like reorg your Read-only Files structure, without making them mods.

We could introduce a new group user role which could handle both the assistants/helpers and the troublemakers, maybe "Custom" or something like that, so we now have:

1. Owner
2. Moderator
3. Member
4. Custom

We first move the member into that role, then the available options/permissions/etc for it display, same style as it does for mods now, so this way we can set those specialized user-level permissions without having that whole option set displayed every single time we go into any member's subscription screen.

What those capabilities/options are for this role needs to be determined, but it could be a list of the (applicable and not already used in the mod role) group areas/options, and for each area it would have the permission(s) dropdown/checkbox or whatever.  For example, for Files, the available settings could be "No Access/Entry allowed" "Can Read but not Upload", "Can Upload+Edit/DeleteTheirOwn", "Edit & Approve Pending Uploads", JohnF's idea in other words, minus the mod part so there's no conflict, for that we just promote them to mod as we do now.

There's also the option of moving some of the more trivial current mod functions to this Custom role, like the Add/Edit Hashtag option for example, possibly View Memberlist, etc, I don't know, doing so can help in trimming the mod pool to the necessary ones only.  But overall I think it would take care of what folks would like as it would give the group owner(s) some very good moderation capabilities we don't have now.

Also, unless if you have plans for adding the ability to add customized roles (and permissions) like President, Secretary, possibly Treasurer, etc, for organizational-type groups, this Custom role could also be used to indirectly allow that now: For example, all users can read stuff but the officers can also edit that stuff, but are not mods now with this new role.

Cheers,
Christos



Ginny T.
 

Ok as suggested from the beta group, I'm adding my request here to add a way to optionally  limit creation of photo albums to moderators. That is, only moderators in a group may create albums; members may not. This does not extend to uploading photos, only the creation of albums. Members may still upload photos but they must be put into an existing album, and only moderators may create those albums. I would like this to be optional of course, so that those groups that wish to allow members to create their own albums may continue doing that; those groups that need to limit it have that option.

Actually, it wouldn't be a bad idea when it comes to new file folders, either - but the "crisis" right now in several groups I own/manage is in photos. We end up with multiple albums for the same subject, and/or inappropriate albums. If album creation was limited to moderators only, it would solve the problem very nicely (thank you).

Ginny
--
Ginny T.  gttemari21@...
========
TemariKai.com


 

Hi All,

I've just added a selector when adding or updating a File folder, with the following options:

- Any group member can add files to this folder
- Only you and the moderators can add files to this folder

This setting only applies to the folder itself. If there are nested folders within it, this setting does not apply to them.

I have also changed the existing comparable Photos album setting from a radio button to a selector, to mimic this.

Please let me know if you have any questions.

Thanks,
Mark