Ok,
So we are using a discourse board for team collaboration within our professional representative organization.
We have elected executive positions and elected representatives as well.
I am a representative, however I setup and am the admin of our board. (I’m sure I won’t be forever, but at the moment I am.) It is login required to view anything, invite only to join. Totaling 20 users currently, but will scale up to about 30.
We created an executive group work space where the group and content should only be visible to those specific members within the group. Really, its content shouldn’t be to the admin, only the category. And please refrain from the “if you can’t trust the admin” thing… Basically for the purposes of the organization, I’m not “read into” those discussions regardless that I’m the only one admin-ing the board. Call that category “above my pay grade.”
Here’s what I want to do, and could use a little help if there’s some CSS that can solve this.
-
Not hide category (I still need to admin it if sub cats are needed), but hide the content of the category. The category is only visible to “Executive” group members.
- So is there a way to use CSS to say hide category content within that category (and on home screen preview) unless you belong to a group. Or better said, display that content to group “Executive” otherwise hide it.
-
Hide the “Messages” tab on a user profile and hide the “impersonate user” button on the admin user page.
- What I’d like to do is only leave it visible to the developer account which is a universal admin account that will rarely be used beside for board maintenance, and really only through the console rather than UI. Other than that account, those elements not be displayed.
Yes, I know how anyone with root can parse anything from the database. I know any admin can go edit/comment out the css and see what they want then change it back.
I wish there were a better “secure” way to do it baked into discourse but there isn’t. Ideally when messages are encrypted (should have a setting to default on/off) the PM reading wouldn’t be an issue minus impersonate.
But for the sake of this organization, this will absolutely suffice. Nobody would understand how to undo this as fellow admins. And I know the why give them admin vs mod, they could break things discussion, but they need to be granted admin as it’s not something that can be withheld within the organization from the leadership. And they need to see that barring me taking extra measures to truly try to go out of my way read stuff I’m not read into, that my access dosn’t exceed my authority.
Bottom line, I was hoping someone could help with the CSS to hide those elements.
- category contents from ALL except the specific group members
- the message/impersonate options from all admins except developer acct.
Reason for the lengthy write-up is that I know all the “why nots.” I just need some assistance with this as it is a workable solution for MY group, and I don’t have half a clue dealing with CSS.
If you all could make a separate set of permissions/differentiate a super admin credential (dev acct), and can be enabled/disabled on standard admin accounts, man that would be phenomenal for private organizations that use discourse.
None of these concerns would apply to my use of discourse for the public board I run, but for a private organization, there are some access control tweaks that would really make discourse second to none.