 |
|
You are here: Foswiki>Support Web>SupportQuestions>Question938 (07 Sep 2011, ChristianDHeureuse)Edit Attach
This question about Using an extension: Asked
Restrict update/delete of comments for MetaCommentPlugin
By default, normal users are allowed to change and delete comments of other users. I want to restrict this, so that only moderators or the original authors may change or delete comments. I added the following statements in lib/Foswiki/Plugins/MetaCommentPlugin/core.pm in jsonRpcUpdateComment and jsonRpcDeleteComment: throw Foswiki::Contrib::JsonRpcContrib::Error(401, "Access denied (only moderator or original author may change)")
unless $comment->{author} eq $wikiName ||
isModerator($wikiName, $web, $topic);
In WebPreferences I added the following line, so that only members of the admin group are moderators (without a preference setting for MODERATE, all users would be moderators):
Set ALLOWWEBMODERATE = %USERSWEB%.AdminGroupIs there a better way to do this without having to modify the source code of the plugin? Two problems remain: 1. No error message is displayed when a user tries to delete a comment and the server program sends 401 "Access denied". 2. The permission check for updating a comment should be made earlier when the user clicks the "edit" button and the popup is opened, and not only after the user tries to save the modified comment. -- ChristianDHeureuse - 07 Sep 2011
QuestionForm edit
| Subject | Using an extension |
| Extension | MetaCommentPlugin |
| Version | |
| Status | Asked |
| Related Topics |
Edit | Attach | Print version | History: r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r1 - 07 Sep 2011, ChristianDHeureuse
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. 
Legal Imprint Privacy Policy
Legal Imprint Privacy Policy