Read only users / Limited user

We would like to designate some user as read-only. So they can see all like any othe rmember of the site, but are not able to post any comments, blogs, pages, etc.

Any one knows a plugin or has idea how we should develop this?

  • Actually I've been thinking for a while that we need a 'visitor' plugin with similar capabilities so I guess the two could be combined with maybe the ability to designate a subscriber as a visitor as well as allowing people to login as 'visitors' and not able to crerate anything on the site.

  • Guys.. guys.. guys..

     

    This is already in the code.. we've recently discovered that access permissions can be set within each plugin via those lines:

    if(isadminloggedin), and, if(isloggedin), and, if($owner.....).. from there, I gues you could simply add

    } else {

    cut loose with whatever you want to display to your visitor...

    }

    I know it can be a tedious process, but at least we have the grounds to work from.. and to be honest, I'd rather do it that way than a plugin with an enterface... Reason: you are more flexible to select not only the degree of access, but also the actual components you want your visitor to access.

     

    Just a thought anyway.

     

    - Carlos

  • Yeah I was thinking more along the lines of somerone being able to login as 'visitor' and being able to etc etc.

    Also and quite dastardly, I was also thinking that maybe it could set a cookie on the users machine that would limit the number of times they could use the visitor login before being directed to the register page.

  • Hi Jed..

     

    When you say 'login as visitor'.. do you mean entering login details..? 

     

    - Carlos

  • Well Yes.  Visitor would be the username & password and anyone using it could enter the site and, basically, look at anything public but not be able to add/edit anything. The cookie thing I mentioned before would be a good idea as well...

  • Ok.. the issues then would be dual login, ie, 2 or more people using the same username 'visitor' logged in simultaneously, and also, the cookie as you mention. I don't think the cookie would be a problem since it is installed on the user's local environment, ie, pc or Intranet terminal, but the dual login would be a challenge I guess.. There would be alot of sacrifices as far as security is concerned I presume.

     

    Is it absolutely necessary that the visitor logs in..?? would it not be the same if the same degree of access is given without login?

     

    - Carlos

  • Hello Carlos, Jededitor, Tom,

    This idea is very good one. One thing that happens frequently is that new registered users, are clueless on how a certain website works. Because they have the idea that they are in Facebook, they start posting all kinds of nonsense, tests, blank and useless groups.

    So, this idea comes from the principle, that you have to earn your way around to be able to post, you have to observe a bit, and then gain access to posting.

    So at the beginning, one user might have access only to having friends, and joining groups. Then later on, given access to do more things, but with the idea that this is not a cheap thing, so i'd rather make my submissions valuable.

    This is they way in which we can prevent communities transforming into "Youtube comment by cursing program", or "Myspace gigantic nonsense archive for 10 year olds".

    But, it has to be done with plugin, hardcoding every single plugin, seems kind of Microsoft.

    Regards,
    Uddhava dasa

  • Hi Uddhava..

     

    I am not sure about the idea of earning your way into a social networking website.. in all honesty, I wouldn't be encouraged by it.. I guess the idea is more of a 'demo like' module where potential members can see what the site is about before signing up.. Many people use that method.. there's hardly a CMS or Social Networking script out there that doesn't come with a 'live demo' where a potential buyer can login as 'demo' and see what the product does.. But most of the time, the login form you see is actually a dummy... all it is a simple form with 2 input boxes, validated with JS and the submit button is a simple <a href...> link that take you to the demo.

     

    The other thing we need to remember is the 'Register' feature.. if we make it a condition that you have to do time before you get to register, then oh boy, we definitely need to hack the core because we might run into other problems like duplicating tokens, session id's and the rest.. on the other hand, if we leave the 'Register' feature open to everyone, then what's the point in having a 'visitor login'..? 

     

    Just my thoughts.

     

    - Carlos

  • Carlos, ok, started a new thread with that particular goal in mind. Let's continue your idea here.

  • @Carlos

    So what are you thinking about? Some sort of button on the login page? That strikes me as a more logical and it could be used on sites with their own form of login page.