I'm trying to set up a Moderator role that only has the User Management permission to "Manage roles, user bans, and abuse notifications in admin and user profiles" over one specific category. In all other categories in our community the user with this role should not have this permission or any moderator role whatsoever.
I've set up at the community level a copy of the moderator role with that option set to GRANT. I then set the role with the same name on the category and sub-boards with the other options I set to GRANT. I also set up a copy of that role with everything set to DENY and set that role on all other categories with all options set to DENY.
It doesn't appear to be working, I can still see the ban and abuse options on messages in a category where I believe it should be DENIED.
Anybody have any ideas?
I have a problem with role permissions myself at times. The problem is Grant/Allow trumps deny as it flows down and you have Grant at the root. Without playing with it, I don't have an answer (I hope someone else does), but you could try setting the DEFAULT permission for managing roles, permissions, etc at the root/community level to DENY, also setting that role to DENY at the root, then setting it to allow for a specific role at lower levels where you want it to be in force.
I'd like to try that, unfortunately this setting "Manage roles, user bans, and abuse notifications in admin and user profiles" is only available @ the community level and can't be changed down the chain. ☹️
Hi @dkytasaari - I am wondering what is your use case for wanting to have certain users moderate within only specific areas? Perhaps there is another approach you could take here depending on what you are attempting to accomplish.
For instance, if it's about user management - perhaps a user group (or the new Group Hubs) would be a better option.
@lilim - We have a category and sub-boards that we would like a specific group of users moderate, but not allow them to moderate any of our other categories that can have visibility to, but we want to prevent them from moderating. The honor system is great, but sometimes accidents happen and we'd just like to be able to keep them from having the ability of making a mistake. I looked at groups. I set up an admin and a user, but while the admin could see the group, I could not get the user to see it, even though I had all hide check boxes unchecked.
Would the users be able to moderate topics without needing to manage users? We have granted our super users the ability to do tasks like move topics, posts as spam -- and if there is someone that needs to be banned for spamming, they can report the post to us to evaluate.
For the user group, there are a lot of settings/permissions at play, so it's hard to say what the problem could be. Perhaps the user needed the GroupMember role? Or the GroupMember role needed its permissions updated?
In their particular case they would not need to manage the users. We do however have this permission turned on for our regular moderators "to "Manage roles, user bans, and abuse notifications in admin and user profiles" at the community level, the only place where is can be set and can't be overwritten below. I made a copy of that role for our special case and turned that option off, but it still appears to be available to them.
As for Groups, the user I tested with had the GroupMember role in the group, it was just in the community I cannot see how this user actually gets access to the group. I was going with the default permission settings for Groups.