What are the current release plans for version 11?
Answer
As of July 22, 2024, we entered beta status where our focus is now smashing bugs and stabilising the software. All planned features have been implemented for 11.0 (and most others deferred to 11.1 or later), though we may still merge in a few minor features or tweaks. The upgrader has been tested on a typical non-custom v10 site.
We will be releasing several beta versions in the beta phase.
We do not know when we will be able to release the first Release Candidate or stable versions at this time.
These plans are all subject to change without notice.
What happens when I add a new usergroup to a third-party forum integrated with Composr?
Answer
If you are not using Conversr as your forum, Composr won't automatically assign any permissions to the new usergroup. To rectify this, you can use the "Absorb usergroup-permissions" feature in the Admin Zone. This tool allows you to copy the permissions from an existing usergroup to the newly created one, ensuring consistent access and functionality.
What are some security considerations regarding super-moderators and super-administrators?
Answer
While super-moderators have extensive access to manage your site, certain sensitive privileges are reserved for super-administrators. This includes the ability to impersonate other users, execute arbitrary code, and view private content. These restrictions help prevent potential privilege escalation and ensure the overall security of your website. Exercise caution when granting super-moderator status and trust only reliable individuals.
What are some useful tools for debugging permission issues?
Answer
Composr provides a couple of tools to help pinpoint permission problems:
FirePHP: This browser add-on allows you to view detailed logs of permission checks performed by Composr. By analyzing these logs, you can identify which checks are failing and adjust your settings accordingly.
Permission Check Logging: Enable logging of failed permission checks to a file (data_custom/permission_checks.log). This provides a persistent record of permission issues that you can review and troubleshoot.
How can I test if my permission settings are working correctly?
Answer
Composr's "SU" feature allows administrators to temporarily assume the identity of another user, enabling you to experience the site as they would. Simply enter the desired username in the "SU" box in the footer. You can also use "Guest" to browse as an unauthenticated visitor. Remember that using "SU" doesn't accurately reflect online status and retains administrator access to sensitive areas.
Can I display different content to different usergroups?
Answer
Yes, you can achieve this by leveraging Tempcode within your templates. By using conditional statements like {$IS_IN_GROUP} and {$HAS_PRIVILEGE}, you can show or hide specific content sections based on the user's group membership or privileges. This technique allows you to "tease" premium content to non-paying users or tailor the user experience based on their access level.
What are match-key permissions and why would I use them?
Answer
Match-key permissions provide a more granular level of access control beyond the standard zone, page, and category permissions. They allow you to restrict access based on specific "match-keys", which are unique identifiers for different actions or content within Composr. For instance, you could use match-key permissions to prevent guests from submitting banners or to restrict access to the member directory for all but specific usergroups. You can also specify custom access denied errors for each match-key.
A "match-key" is typically a page-link, such as cms:cms_banners:add.
How can I control who can view specific pages or categories?
Answer
You can manage access control for zones, pages, and categories primarily through the Permissions Tree Editor (Admin Zone > Security > Permissions Tree Editor). This tool provides a central location to set view permissions for different usergroups. You can also edit individual zone and category permissions through their respective editing interfaces, but the Permissions Tree Editor offers a more streamlined and efficient approach.
What is the difference between access permissions and privileges in Composr?
Answer
Access permissions control whether members of a certain usergroup can view specific areas of your site, such as zones, pages, and categories. A member only needs one of their usergroups to have access permission to view the content. But permissions work on a deny-first policy; if one of the permissions applicable to viewing something is denied for a usergroup, then the whole thing is denied for that usergroup (e.g. even if a download itself grants access, access will be denied if its category denies access).
Privileges, on the other hand, dictate what actions a usergroup is allowed to perform across the website, like using advanced Comcode or bypassing the word filter.
How can I change the news archive display to show summaries instead of just headlines?
Answer
By default, the news archive screen shows only headlines. To display summaries like the news block, add :inline=1 to the page-link. For example, if your news archive page-link is site:news, modify it to site:news:inline=1. This will show summaries instead of just the headlines in the archive view.
What are Trackbacks and how do they work in Composr?
Answer
Trackbacks are a blogging feature that creates a link from an article on one blog to an article on another, acting as a citation mechanism.
How Trackbacks Work:
The original article includes a "trackback" link in its HTML.
When another blogger writes an article referencing the original, their software uses the trackback link to inform the original site.
Composr receives the trackback and displays a list of articles linking back to the original.
To enable trackbacks, go to Admin Zone > Setup > Configuration > Feature options and check the "Trackbacks" option. You can then enable trackbacks for individual content items.
