FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum Development » FUDforum 3.0+ » Controlling user access externally
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
Controlling user access externally [message #22504] Sat, 05 February 2005 04:16 Go to next message
krbvroc1 is currently offline  krbvroc1   United States
Messages: 31
Registered: February 2005
Karma: 0
Member
Hello, I'm trying to accomplish some things and I'm having a tough time.

I currently have a website, mailing list and local NNTP server. We use FUDforum to suck articles from the NNTP for those users who cannot/will not use a newsreader.

Here is our scenario. People who are not members within a database adminstered from our website cannot post. Thus there are 3 types of people.

1) Anonymous - these people get read-only access to everything
2) Unregistered - these people are present in our database but are either unconfirmed or have been disabled. These people get read-only access to everything.
3) Registered - these people are present in out database and get full read/port capability.

Implementing this policy has not been tough in my other areas.
For the website, we query the database. For the newsreader, I use authentication from a db4 file that the website updates. For the mailing list, I added a handler to the python code of mailman to query the database and use the 'moderation' flag and automatic rejection.

Trying to do this in Fudforum is a problem. Partly becuase I'm finding it tough to figure our the design/code. Partly because of the access model.

Several searches here said there was a FUD API. One response said that it supported add / remove users. I do not see that in either the latest stable or latest RC version. It all appears to be related messaging / online users.

I was able to create a standalone php program that creates a 'fud_user_reg' object, fills in some fields, and calls add_user(). I had to modify add_user() to pass it an optional flag. It is now add_user($password_is_md5=0). I need to pass a password that is already encrypyed. add_user expects plaintext. Perhaps you can add this minor change? This way only users in our website database are created and they have a common username/password.

I have no idea of how to implement the access policy. Basically I thought I could create a stand alone php function which our website would use to modify a users group membership. I cannot figure out what tables are involved and how they relate! Conceptually, shouldn't I be able to change a registered user to an 'anonymous level user'. From the admin-land it appears anonymous level is what I want. I don't use any levels other than the two defaults. I was looking at the fud26_groups and fud26_group_members tables but I cannot figure it out. So, if I want to move a user using SQL commands from resitered level to anonymous level, how can I do this?

Thanks
Re: Controlling user access externally [message #22514 is a reply to message #22504] Sat, 05 February 2005 17:10 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
FUDAPI is stored inside a scripts/fudapi.inc.php all recent versions (as as 4-5 month ago) have it.

Group permissions are comprised of several tables

groups table -> stores group information
group_members -> stores members of particular group and their permission settings.
group_resources -> associates a group with 1 or more forums
group_cache -> cache table generated based on the data in the previous 3 tables. This table is what the forum actually uses to determine permissions.

The code for doing group permission manipulations can be found inside
groups.inc.t()

You have:
grp_delete_member() - delete group member
grp_update_member() - update group member
grp_rebuild_cache() - rebuild group cache

To Add a member you simply do something like this:

INSERT INTO fud_group_members SET group_members_opt=permissions_bit_mask, group_id=group_id, user_id=user_id.

Once you either add/update/delete group member you need to rebuild the cache. If you were working with just 1 person specify that account id to grp_rebuild_cache() to simplify the cache rebuild process.

The meaning of various bitmasks can be found inside group_perm_array() function of groups.inc.t


FUDforum Core Developer
Re: Controlling user access externally [message #22516 is a reply to message #22514] Sat, 05 February 2005 17:30 Go to previous messageGo to next message
krbvroc1 is currently offline  krbvroc1   United States
Messages: 31
Registered: February 2005
Karma: 0
Member
Thank you for your reply. I found another solution for my needs and I thought I'd share it.

After studying the code, I determined that I could use the New Account Moderation feature for this. I set it up so that all new users are set as moderated. This is also referred to as the 'Approved/Unapproved' flag. I wrote a php script that toggles this bit in the users_opt (2097152). On my default setup, if a user is unapproved they are treated like an anoymous user. They can login and read, but they cannot post. I modified the 'Unapproved' text (login_unapproved_account_ttl, login_unapproved_account_msg) to explain this to the user. This is exactly what I wanted.

In order to create a user, I had to modify (in a backwards compatible way) the add_user and sync_user methods. I wanted a way to pass already md5 encrpyted passwords during user creation.

I then changed usercp template. I modified removed the 'required' information and referred the user to an external site. I think I had to remove code which looked for the user to enter a password to confirm their profile update - no need for that. The profile update now controls all forum related options, but not the 'required' fields.

As far as the FUDAPI some other posts said that it included add user and remove user - that is not true.

As far as the group members, I think I was confused because despite several thousand members, there are only 23 rows in that table. Do they just cover the per group anonymous/registered unless you start adding users?
Re: Controlling user access externally [message #22521 is a reply to message #22516] Sat, 05 February 2005 21:08 Go to previous message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
Quote:


As far as the FUDAPI some other posts said that it included add user and remove user - that is not true.



yeah, you're right. I guess it's one of those features I've implemented in my sleep Wink

Quote:


As far as the group members, I think I was confused because despite several thousand members, there are only 23 rows in that table. Do they just cover the per group anonymous/registered unless you start adding users?



Groups normally have 2 special users, 1 for controlling permissions of all anon visitors and one for controlling permission of all registered users, who don't have a dedicated entry inside the group.


FUDforum Core Developer
  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: Notice: Undefined index
Next Topic: Question regarding email support
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Dec 26 17:53:15 GMT 2024

Total time taken to generate the page: 0.03400 seconds