- Forums
- Community Discussions
- Community Builder
- General
- [SOLVED] Front-end editing of read-only fields?
[SOLVED] Front-end editing of read-only fields?
- empy
- OFFLINE
-
Junior Member
- Posts: 38
- Thanks: 2
- Karma: 0
13 years 3 months ago #149812
by empy
Replied by empy on topic Re:Front-end editing of read-only fields?
krileon wrote:
Sorry, but that does not make any sence. At least not in my case.
I will have about 50 registered users and among them about 6 publishers/moderators. If a moderator account gets compromised, the attacker can destroy the profiles of the 44 ordinary users anyway, in addition to a lot of stuff not related to CB. It means that I have to restore the whole site from backup. If the attacker can destroy the last 6 moderator profiles, I still have to do exaclty the same thing, restore the site. So that restriction just makes it harder for us to let the people who produce data make the changes themselves (which is the core goal for this project). And the added security is exactly zero.
My proposal was not to change the default behaviour, rather to provide an alternative behaviour. And I still think that is something you should do.
Mike
Post edited by: krileon, at: 2011/01/03 15:35
What the last sentence means if User A is an Author moderator and User B is an Author moderator that they can't edit one another. This protects the moderators. Say if 1 moderator account was compromised it does not risk ALL your moderator accounts, etc.. No workaround for this, sorry.
Sorry, but that does not make any sence. At least not in my case.
I will have about 50 registered users and among them about 6 publishers/moderators. If a moderator account gets compromised, the attacker can destroy the profiles of the 44 ordinary users anyway, in addition to a lot of stuff not related to CB. It means that I have to restore the whole site from backup. If the attacker can destroy the last 6 moderator profiles, I still have to do exaclty the same thing, restore the site. So that restriction just makes it harder for us to let the people who produce data make the changes themselves (which is the core goal for this project). And the added security is exactly zero.
My proposal was not to change the default behaviour, rather to provide an alternative behaviour. And I still think that is something you should do.
Mike
Post edited by: krileon, at: 2011/01/03 15:35
Please Log in to join the conversation.
krileon
Team Member- ONLINE
- Posts: 68515
- Thanks: 9087
- Karma: 1434
13 years 3 months ago #149916
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re:Front-end editing of read-only fields?
We've plans to rework the entire permissions system, but that is not happening until CB 2.0 or even possibly greater. For the time being this is simply how it works. However, CB is open source and you are more then welcome to make any changes you feel necessary. Does not seam vital to allow Moderator X modify Moderator Ys profile.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- empy
- OFFLINE
-
Junior Member
- Posts: 38
- Thanks: 2
- Karma: 0
13 years 3 months ago #149921
by empy
Replied by empy on topic Re:Front-end editing of read-only fields?
Thanks,
Ok, I will head over to the feature request forum with this one.
I try to avoid hacking around in the code. First, it makes upgrading harder. And second, my php skills could be better. But I will consider it in this case.
Mike
Ok, I will head over to the feature request forum with this one.
I try to avoid hacking around in the code. First, it makes upgrading harder. And second, my php skills could be better. But I will consider it in this case.
Mike
Please Log in to join the conversation.
Moderators: beat, nant, krileon
- Forums
- Community Discussions
- Community Builder
- General
- [SOLVED] Front-end editing of read-only fields?
Time to create page: 0.190 seconds
-
You are here:
- Home
- Forums
- Community Discussions
- Community Builder
- General
- [SOLVED] Front-end editing of read-only fields?