Restrict users to post a blog/news

Hi everyone,

Since there is not a plugin available at this moment to define user roles, and restrict acces to certain 'goodies' on the website, I am looking to a simple way to restrict all users to post a blog and only allow a few. I would love to be able to do the same thing for THe News plugin by 13net (

Perhaps someone can be as kind to point me into the right direction? :)

Thanks in advance,



  • Unless you have any other requirements, it should just be a matter of disabling the other plugins so that blog is the only tool available.

    If you want to restrict the number they can post I wrote a plugin that limits spam:

    You could use that to limit the number of blog posts per hour, set the consequence to "suspend".

  • Hi Matt,

    Thanks for your tip :)

    Its not that i am worried over spam. I simply do not want to allow all users to post a blogposting, or newsposting.



  • oh, I see, you want to only allow a few users, I thought you meant allow users to post only a few blogs.  That will take a bit of coding then I think.

  • Hi Matt,

    Yes, that is totally correct :)

    Hopefully someone soon will come out with a plugin that allows us administrators to define user roles. But untill then, perhaps there is a quick & dirty way ??



  • Not knowing if you're familiar with the massive postings about 2 years back on "Roles and Permissions" -- Kevin Jardine did publish a Roles/Permissions PlugIn of sorts. That - I believe - tackled the issue part of the way. There would be quiet a few other aspects/ areas (PlugIns) to take care of. I have usually attacked the issues as one situation at a time and coded whatever was necessay to achieve blocking non-admins or non-special users from creating a blog, a group, whatever etc.. e.g in the past - I have coded enhancements to the Blog PlugIn for Clients -- to restrict Blog Create to only 'special' UserIds (in one case - in the website owner could post Blogs, while all others could read them and comment only.That's what the cliet wanted - But it looks like what you are for will be much more comprehensive and involved. I think that the code development effort to do a proper Roles/Permisisons feature would be quite heavy...

  • a dirty method could be to create an array of user guids and then check if the logged in user's guid is in that array.

    You would need to add an action that allowed you the admin to add/remove guids from that array.

    Some code snippets to think about:


    register_error('You cannot do this');





    and then a push/pull to/from the array

    if($style == "push"){



    // remove from array



  • For access restriction based on usertypes, have a look at our premium members plugin here in the community.

  • Will this module prevent users from viewing others profiles, unless they are friends. Looking for a module that does that

  • Thanks for the tip Trajan :) I like the quick and dirty way, I was considering this as well.

    I have roughly the following idea, please bear with me as I have no idea how the engine works of Elgg :)

    The quick and dirty way can be used for all plugins, if you would put an extra row in the user profile table containing an array of numbers. Then, assuming that all plugins have their own unique identifier in the database, you could use this as allow/not allow reference table.

    If the blog plugin has as GUID (of however it is called in Elgg) 1, commenting on blogs GUID = 2, creating groups GUID = 3.

    User array , Wannabe , paswd, etc, profile , array(2,3)

    You could use the arrays to check agains the GUID of plugins. IN my example the user wannabe is only allowed to comment on blogs and create a group.

    Would this, according to you guys who are more experienced with Elgg, work?






  • @wannabe - Absolutely not! Never modify tables in Elgg, the database is so normalized you're pretty much guaranteed to break it, and if somehow you managed not to, you would never be able to upgrade.

    There are elgg-ish ways to do this, but nothing that's easily explained here.  You should get yourself familiar with Elgg's datamodel, views, and actions to put together a full solution.