Solved Users can delete all topics??!!

Hello.

Same problem for me on my websites (Joomla 2.5 / Kunena 2.0.1) :
Simple user can delete his topic.

See discussion on "French Support Kunena"

Excuse me for my bad english. :blush:

If you have the same problem, check your ACL settings. You have probably given your users Administrator access to the Kunena component.

I've also looked over my access groups. This was definitely not a problem before upgrade, only after upgrade this weekend. How could it be a problem with my access controls when they were setup properly before?

How do you check the specific ACL settings for Kunena? I've never touched the settings for any specific component, there was no reason. And I'm quite sure about how my groups are setup for the site overall. I just double checked them, none have the ability to change anything on the site. I checked who is listed as moderator, that hasn't changed. Yet a normal user can delete his posts. I don't understand how it changed with the upgrade.

Database collation check: The collation of your table fields are correct

Legacy mode: Disabled | Joomla! SEF: Enabled | Joomla! SEF rewrite: Enabled | FTP layer: Disabled |

This message contains confidential information

htaccess: Exists | PHP environment: Max execution time: 30 seconds | Max execution memory: 128M | Max file upload: 32M

Kunena menu details:

Warning: Spoiler!

ID	Name	Menutype	Link	Path
313	Forum	mainmenu	Itemid=316	kunena-2012-08-26
130	Forum	mainmenu	view=category&catid=0&layout=list	forumhome
316	Forum	kunenamenu	view=home&defaultmenu=317	forum
317	Index	kunenamenu	view=category&layout=list&catid=0	forum/index
318	Recent Topics	kunenamenu	view=topics&mode=replies	forum/recent
319	New Topic	kunenamenu	view=topic&layout=create	forum/newtopic
320	No Replies	kunenamenu	view=topics&mode=noreplies	forum/noreplies
321	My Topics	kunenamenu	view=topics&layout=user&mode=default	forum/mylatest
322	Profile	kunenamenu	view=user	forum/profile
323	Help	kunenamenu	view=misc	forum/help
324	Search	kunenamenu	view=search	forum/search

Joomla default template details : uneedo | author: arrowthemes | version: 1.0.3 | creationdate: August 2012

Kunena default template details : Uneedo Template | author: arrowthemes | version: 2.0.1 | creationdate: 2012-07-20

Kunena version detailed: Kunena 2.0.1 | 2012-07-07 [ Balozi ]
| Kunena detailed configuration:

Warning: Spoiler!

Kunena config settings:
board_offline	0
enablerss	1
threads_per_page	20
messages_per_page	10
messages_per_page_search	15
showhistory	1
historylimit	10
shownew	1
disemoticons	0
template	uneedo
showannouncement	1
avataroncat	0
catimagepath	category_images/
showchildcaticon	1
rtewidth	450
rteheight	300
enableforumjump	1
reportmsg	1
username	0
askemail	0
showemail	1
showuserstats	1
showkarma	0
useredit	1
useredittime	0
useredittimegrace	600
editmarkup	1
allowsubscriptions	1
subscriptionschecked	1
allowfavorites	1
maxsubject	63
maxsig	2000
regonly	0
changename	1
pubwrite	0
floodprotection	0
mailmod	0
mailadmin	0
captcha	0
mailfull	0
allowavatarupload	1
allowavatargallery	1
avatarquality	95
avatarsize	2048
imageheight	400
imagewidth	400
imagesize	1500
filetypes	txt,rtf,pdf,zip,tar.gz,tgz,tar.bz2,doc,docx,xls,xlsx
filesize	1500
showranking	1
rankimages	1
userlist_rows	30
userlist_online	1
userlist_avatar	1
userlist_name	1
userlist_posts	1
userlist_karma	0
userlist_email	1
userlist_usertype	0
userlist_joindate	1
userlist_lastvisitdate	1
userlist_userhits	0
latestcategory	3,2,4,1,44,7,34,64,65,32,27,28,10,5,9,11,76,6,37,50,53,71,51,52,78,55,56,57,58,59,60,61,62,63,80,66,67,81,68,69,70,39,19,18,43,77,42
showstats	1
showwhoisonline	1
showgenstats	1
showpopuserstats	0
popusercount	5
showpopsubjectstats	0
popsubjectcount	5
usernamechange	1
showspoilertag	1
showvideotag	1
showebaytag	0
trimlongurls	1
trimlongurlsfront	40
trimlongurlsback	20
autoembedyoutube	1
autoembedebay	0
ebaylanguagecode	en-us
sessiontimeout	1800
highlightcode	0
rss_type	topic
rss_timelimit	month
rss_limit	100
rss_included_categories
rss_excluded_categories
rss_specification	rss2.0
rss_allow_html	1
rss_author_format	name
rss_author_in_title	1
rss_word_count	0
rss_old_titles	1
rss_cache	900
defaultpage	recent
default_sort	asc
sef	1
sefutf8	0
showimgforguest	1
showfileforguest	0
pollnboptions	10
pollallowvoteone	0
pollenabled	1
poppollscount	5
showpoppollstats	1
polltimebtvotes	00:00:00
pollnbvotesbyuser	100
pollresultsuserslist	1
maxpersotext	50
ordering_system	mesid
post_dateformat	ago
post_dateformat_hover	datetime
hide_ip	1
imagetypes	jpg,jpeg,gif,png
checkmimetypes	1
imagemimetypes	image/jpeg,image/jpg,image/gif,image/png
imagequality	75
thumbheight	150
thumbwidth	150
hideuserprofileinfo	put_empty
boxghostmessage	0
userdeletetmessage	0
latestcategory_in	1
topicicons	1
debug	0
catsautosubscribed	0
showbannedreason	1
version_check	1
showthankyou	1
showpopthankyoustats	0
popthankscount	0
mod_see_deleted	0
bbcode_img_secure	text
listcat_show_moderators	0
lightbox	1
show_list_time	0
show_session_type	1
show_session_starttime	5
userlist_allowed	1
userlist_count_users	1
enable_threaded_layouts	0
category_subscriptions	topic
topic_subscriptions	first
pubprofile	0
thankyou_max	5
email_recipient_count	30
email_recipient_privacy	bcc
captcha_post_limit	0
keywords	0
userkeywords	0
image_upload	everybody
file_upload	registered
topic_layout	flat
time_to_create_page	1
show_imgfiles_manage_profile	1
hold_newusers_posts	0
hold_guest_posts	0
attachment_limit	8
pickup_category	0
article_display	intro
send_emails	1
fallback_english	1
cache	1
cache_time	60
enablepdf	1
jmambot	0
annmodid	399,58,44,70,52
userlist_username	0
rules_infb	1
help_infb	1
onlineusers	1

| Kunena integration settings:

Warning: Spoiler!

Kunena - AlphaUserPoints Enabled: activity=0 avatar=1 profile=1 activity_points_limit=0
Kunena - Community Builder Enabled: access=1 login=1 activity=0 avatar=1 profile=1 private=0
Kunena - Gravatar Disabled
Kunena - JomSocial Enabled: access=1 login=1 activity=0 avatar=1 profile=1 private=0 activity_points_limit=0 activity_stream_limit=0
Kunena - Joomla Enabled: access=1 login=1
Kunena - Kunena Enabled: avatar=1 profile=1
Kunena - UddeIM Enabled: private=1

| Joomla! detailed language files installed:

Warning: Spoiler!

Joomla! languages installed:
de-DE	German (DE-CH-AT)
en-GB	English (United Kingdom)
es-ES	Spanish (español)
fr-FR	Français (FR)
it-IT	Italian (IT)
nl-NL	Dutch (NL)
tr-TR	Türkçe (Türkiye)

Third-party components: UddeIM 2.6

Third-party SEF components: None

Plugins: Search - Kunena Search 1.7.2

Modules: Kunena Latest 2.0.1 | Kunena Login 2.0.1 | Kunena Search 2.0.1

You have two menu items with the same alias name "Forum" in your mainmenu menu. Delete and trash the second one (menu-id 130).

butchjax wrote:

How do you check the specific ACL settings for Kunena? I've never touched the settings for any specific component, there was no reason.

You are right: there is no reason to modify the permissions for any component in Joomla unless you know exactly what you are doing. The issue is, as I have said before, that the only way people can delete anything in your forum is if they have the permission to do that. If everyone on every Kunena website in the world could delete everything then we would not have a very good product, would we? If, for example, you could delete everything on the forum at K.org then we would be very embarrassed wouldn't we?

We have not made any changes to Joomla permissions here at K.org.

In the previously reported cases in this topic, the people reporting the problem admitted that they had made changes to Joomla permissions.

I accept that you say you have "never touched [permissions] for any specific component" but you may have changed ACL permissions for all components a while ago and perhaps you forgot that you did that. I believe that the key to solving this problem lies in how you have modified something in your Joomla permissions.

Disable the Kunena > JomSocial, Kunena > AlphaUserPoints and Kunena Community Builder plugins that you have enabled. You do not have these components installed and therefore you should not try to integrate Kunena with those things. This, too, could be a reason why you are having these users-can-delete-anything issues.

Other suggestions: (1) update your Kunena Search plugin and (2) try using a standard Joomla and the K 2.0 Blue Eagle template or (3) refer your problems directly to Arrowthemes .

Ok. I updated the plugin. I double checked access levels, however, I'm not setting up access to categories by ACL, but groups. Though they're the same, so I can try that next. However, that's just access to the categories. I don't have moderator groups. I don't even see where that is an option. I only know how to set an individual up as a moderator. Am I missing something? What gives a person permission to delete?

Finally, I don't see any extra menu items. I'm not sure where it's hiding, but I can't delete what I can't see. I know this stuff is easy to you guys working with it all the time, so I'm sorry for the basic questions. I'll also check with the theme folks, but I don't see how a template can change moderator permissions either. Is there a short answer to this?