Setting up Moderation on a New Install

TheInternet

I have a new install of Flarum and I seem to be a tad confused as to how to not let anyone other than Admin or Mods create a discussion with no approval or moderation. I want it so if any regular user creates a post it sits and isn't seen, like a regular forum till someone higher up can ok it and then it's seen. I also don't want any regular users editing posts or deleting anything.

I'm a bit confused what to enable and disable in the permission settings. Do I add a new user because my fake new sign up doesn't seem to be "Member", it just seems to be nothing.

askvortsov

TheInternet A newly registered user won't have "Member" perms until they confirm their email.

TheInternet

askvortsov I confirmed the email and I can still edit my regular users posts. Even when I edit it's not awaiting approval. Replies do await approval. I can delete the post but then restore the said deleted post.

askvortsov

TheInternet This feels like a possible case of flarum/core3144, which has been fixed for the next release. Are you using PHP8?

TheInternet

askvortsov I don't know I'll check. I didn't install it. Which PHP should it be using?

Also when will the next update come out?

clarkwinkelmann

If you want to prevent editing posts ever, you can set "Allow post editing" (under Permissions) to "For 10 minutes". It's the only option that stops all edit in time. You can set it down to zero minutes by manually editing the entry in the settings table in the database.

The issue askvortsov refers to is the option "Until next reply" which is currently buggy on PHP 8.0 and effectively has the same effect as "Indefinitely".

In general we recommend using the latest PHP version possible, but if you are still on PHP 7.x it's fine as well.

If you do need the "Until next reply" option, staying on PHP 7.x means you avoid the bug. But if you don't need that option there is no difference (except PHP 8.0 is probably a tiny bit more performant due to PHP itself being faster)

EDIT: it's probably worth noting that users can only edit posts in a discussion where they can reply, so if you have already prevented users from replying in discussions (through locking or other permissions), they won't be able to edit their posts, whatever the value of "Allow post editing" is.

TheInternet

clarkwinkelmann I set it to indefinitely. Lol

Ok so if I set it to after 10 minutes is that from when they posted it or is it from when it was approved? Because if we wait at least 10 minutes from the post (not approval) then they can't edit anymore, the way I think I understand it.

I would like to keep the install as vanilla as possible.

Also something else odd that someone could explain. The new non Admin Mod user I created when I deleted the thread that the user made it goes "hidden" and the only thing that could undo that is to "restore" the thread". How do I disable that ability?

clarkwinkelmann

TheInternet from when they posted it or is it from when it was approved

It's from the post time (source code). But if you need something more advanced the Flarum extension API can be used to define additional permissions or restrictions.

TheInternet when I deleted the thread that the user made it goes "hidden" and the only thing that could undo that is to "restore" the thread".

Flarum discussions and posts are "soft-deleted" by default. This means the data isn't permanently lost, and admins/mods continue to be able to see those discussions. Once a discussion or post has been soft-deleted, you can permanently delete it.

Theoretically a discussion or post can be immediately permanently deleted from the REST API, but the UI only offers the permanent delete option after it has been soft-deleted to prevent any accidental deletion.

If you really wanted to remove the soft-delete step, you could create a custom extension that removes those buttons and directly show the permanent delete.

If you're looking at hiding the deleted post from the user or moderator's view without permanently deleting it, you could move the discussion to a tag the user cannot see.

TheInternet

clarkwinkelmann the Flarum install is using PHP 7.4