Question Thank You not fully respecting permissions

I believe this is a bug. Scenario:
usergroup: A
usergroup: B

Category: 1
Category: 2

usergroup A has read (view) / write (usergroups allowed to post / reply) permissions in Cat 1 & Cat 2
usergroup B has read/write permissions in Cat 1 and read only in Cat 2.

Usergroup B in my opinion should not be able to give "Thank You"s in Cat 2 however Kunena allows it.

This is no bug,

For example, usergroup A writes a blog, or something. So usergroup B can says thank you

I can see what you are saying but regardless, it is not a logical path of permissions. Your logic places an exception as a rule. That is not proper method for establishing permissions logic/hierarchy.

If you have setup a forum to be read only for certain users, allowing Thank You is not read only. You are allowing an action beyond read only. You are allowing a write permission even if it is a very limited one.

xreliable wrote: If you have setup a forum to be read only for certain users, allowing Thank You is not read only. You are allowing an action beyond read only. You are allowing a write permission even if it is a very limited one.

Interesting debating point. I can see both sides of the discussion but, if in the overall scheme of things, if a user can view a topic (even if they cannot post a reply in that topic) does it really matter if they cannot say "thank you"?

I tend to agree with 810 and conclude that this is not a bug in K 3.0. On the other hand, if it really does upset many members of this community who feel, as xreliable seems to feel, that disallowing write access should also extend to the ability to say "thank you", then the developers may take those considerations into account in a future version of Kunena.

Thank you for raising this issue but, for your information, I have searched this forum and I have not seen any other member of this community who has reported this matter before.

To my way of thinking, even though matter may be considered an undesirable, "undocumented feature" of K 3.0 it is not a defect, per se. Perhaps, therefore, this topic may be better relocated in one of the general questions, or feedback, or feature requests categories for other members of the community to provide their feedback, comment or support for the idea.

again I don't think your logic is proper. Your argument is based upon value judgements, not logic. This is problematic on many levels.

You are starting with an a priori assumption. If you start from the root of it, it is not a matter of "extending to" By default the hierarchy starts from reading and writing. In the normal extension of logic, Thank You is a write permission.

Essentially you're telling me to argue against a negative to make a case. I'm not arguing, just bringing it to your attention. This is NOT correct. It is not my opinion and not even a big deal to me personally, but every little issue that circumvents logic in favor of value judgements has ramifications. Best way to avoid those is to keep it simple at the core and extend that simplicity directly and logically. Read/Write is about as core as it gets.

I accept your proposition but I would also offer you a counter proposition.

It's possible that some people feel, as you do, that using the Kunena category permissions to restrict write access to categories should extend to the ability to use the "thank you" feature. It's also conceivable that some people may not feel the same way and, although their users cannot post topics in categories protected by certain write-access permissions, they may wish to allow their users the ability to use the "thank you" feature.

There is always the danger of using one setting to do two different purposes (whether those purposes may be related or not related). In cases where these situations arise, it is preferable to implement a kind of "parameter redunancy" where one setting applies to one feature and a different setting applies to a different feature. There's a danger in "over optimising" parameter settings to the extent that that one-setting-does-everything defeats the purpose for having two different settings. Sometimes one setting is used for something else, quite unrelated because it was "convenient" for the software developer to design it that way. I know of a couple of places in Kunena where this happens.

An example of "one-setting-does-everything" problem (in Kunena) is the setting

Configuration » Users » User Related » Display User Name

Suppose you wanted to display the username in Kunena messages but display the real name in the user profile ? Unfortunately, this single parameter does not permit you to do that. Instead, in order to resolve this kind of issue, there would need to be one parameter to control how a username was displayed in forum messages and a different parameter for how the user's name was displayed in their user profile.

Similarly, what would effectively deal with the matter we're now discussing is to have a separate setting in the Kunena Category Manager that says "extend the Kunena write permissions to ensure those users also have the ability to use the 'thank you' feature." Something like that, perhaps.

If we take the premise that "read/write is about as core as it gets [and it should extend to the 'thank you' function]" then this may deny the ability to allow those (who cannot otherwise post) the means to express their appreciation for what they're able to read if that's what some people may want to permit.

I'm not arguing with you, either. I disagree that there's a flaw in the "logic"—although that's also only my opinion, of course—and we're just having a good, healthy debate.