Any suggestions on hiding group membership, even on ones own profile page? Or leaving the names but disabling hyperlink?
You can remove the link in the title using the script from this post:
Sounds like you should use the Staff Notes plugin.
But we are automating group status via SSO and then potentially using group mamebership to gate select areas.
Is there a way to populate Staff Notes via SSO parameters? Or to set category permissions based on Notes?
No there isn’t. Staff notes isn’t going to work. We’ll need a new solution for what you’re trying to do. Maybe adding an option to groups to hide membership from all except staff.
We already have the checkbox [
Group is visible to all users] for groups.
Perhaps what we want is to change it to a drop box:
- Staff only
- Group members and staff
In the mean time does CSS work as a workaround for hiding the groups here?
We don’t have any group-specific classes on each link there.
There is a trick … you target the href in the CSS rule
Yeah that will work, but yuck. Don’t forget the commas!
Yes this is needed. How big / risky is this change?
not too big, probably a few hours of work, not high risk.
Ok then I think we should proceed with it.
Does this work include removing the
href attribute from the title if the group isn’t visible to the user?
That is great news. I will also look into the CSS solution in the interim.
Something else I’m wondering, if the group name is visible and the hyperlink is disabled, it seems like a user should be able to guess the group URL rather easily. Or even if the group name is hidden, people familiar with discourse group URLs could look around and find things.
Would it be possible to disable access to the group list view for those that do not have permission to view the group? Or would we just have to pick group names that we know…but would be difficult to guess?
Thanks for your help on this!
Maybe I’m missing something…but isn’t that what Sam is going to be working on?
Not totally sure what that change would cover, so I wanted to cover all bases.
The setting to hide from all except staff should not only hide the group name/link from the user’s own profile, but also make sure that even a member of a group couldn’t just access the group by typing in the URL (if it was guessable or someone else shared it by mistake). But staff could still visit the user’s profile page and instantly see all groups the user is in.
That might already be what he was planning. Not sure.
Yes that would be it, an end user would belong to a group but have no way of gleaning that information ever.
And since this is set on the group level we can choose to make some visible to members, and others totally hidden. This is probably a perfect solution for our needs.
Is there any kind of ETA on when this might be available? Trying to determine if it’s worth a request to one of my devs to figure out the CSS tweaks.