Features / Usability

Features / Usability

Permissions By Category per Group - unexpected performance

posts: 1 United States

Hello all - please note I am making updates to this as I continue to debug / test items.

I realize there is a wealth of documentation on permissions - though I am having issues getting them to act as expected.
Side-note: the images in the permission documentation section are not loading for me (Safari)

I am trying to set up a series of secure categories in our tiki
Current version: 18.4svn (understand it is out of date, we will work on updating that)

Multiple categories (about 100), multiple groups (about 30)
Each category should have access controlled by group
Three general sets of permissions: Write / Read (but not write) / No access

Example structure for the tiki:
See Imgur link at the bottom
Example categories are x-axis, groups are y-axis
Red = no access - should have no knowledge or visibility of objects in this category
Green = read + write access - should be able to browse all objects in this category
Orange = read only access - should be able to read but not edit objects in this category

Objects and features we want to use:
Wiki pages, spreadsheets, tags, file browsers

I am setting permissions (wiki_view / wiki_edit / category_view) for a test user in a test category, however I am not able to see any objects in that category when I log into the test user account

Edit - 2019 09 16: I have determined that this was due to parent categories not have the correct "read" access permissions for a group. By setting a user to be able to see the parent category and edit the child category, the correct abilities are starting to appear.

New issue: I am seeing an issue where a user may click on "create wiki page" but no editable fields are available on that page - ergo a wiki page cannot actually be created.
Question: What permissions govern the ability to access the actual create wiki page capabilities for a category?

Request 1:
Any detailed guidance would be very much appreciated
Global permissions should be used only where necessary
Main goal is that access is governed primarily by a group's permissions in a given category

Request 2:
Is it possible to define a 'permission variable' to speed up the permission setting process for a large tiki like this? EG:
Read = this set of permissions
Write = this set of permissions
Set group permissions as Read / Write / None?

Please see the following Imgur link for example access outline
I have also linked my first (seemingly failed) attempt at category permissions

Imgur Link

posts: 8299 Israel

Hello Infandus,

In my opinion, your case require more than just a quick read on the forum and an answer and it will require more to have a complete answer (look for https://tiki.org/consultants).

I suggest you try to simplify and ask for support on specific and simple question not a complete setup of your permissions.

Request 2:
Yes it’s called category jail. Using category permission you can define such.
However in your case you will have a good headache with permissions cascades.

I suggest your to create a prototype and set demo permission one at the time for one user/group then to expand and see where it fail to correct. Once you know what to do move what you’ve learn to you main website.

I would also suggest you to work with Firefox or Chrome.
I’m a Mac user but Tiki is not 100% with Safari (javascript and other oddities). Beside to check permission I suggest you to open several browsers with different users.

Not being rude just realistic... ;-)
Good luck.