Possibility to lock a topic to a specific user only + staff members

It would be great if the following was achievable. I note that I’m new to Discourse.

Here’s my use case. We use Discourse for a closed forum among a small team that coordinate a bigger initiative within an institution. We have contributors outside of the coordinating team who would discuss a proposal with all team members, but not with other contributors. We’d like to create a new topic and lock access and visibility of that topic to only a specific user and all team members so that they can discuss it.

Something like the *nix file system where I’d give read/write for a topic to root + specific group, but not world. Or role-based permissions in other web systems.

As far as I’ve seen, the default Discourse permission system is based on trust levels, not roles, and it doesn’t allow me to create roles with specific permissions.

Is there some plugin or way I could make Discourse achieve the above?

p.s. I could probably live with creating a new category per topic if needed, though that would create a lot of different categories that only have one topic.

1 Like

Yes – group messages! Have the contributors write a message to the group of the coordinating team. If you want, you can even set up incoming mail support for this group, so contributors without an account can interact with your team by writing emails :slight_smile:

Create a group, add the team members and update the setting Who can message and @mention this group? on the group page to get started.


That sounds like it should do the trick - it would be great to use Discourse for all comms we have. Can a group include other groups, or only members? (it would be ideal if I could have a “staff” group, and then create new groups for each new topic to include “staff” and a particular user, since the “staff” group may change membership in time.

No, but I don’t see why you would need that.
Remember that a message is a conversation between multiple users or groups :slight_smile:


If you’re doing this via messages (not category permissions) you don’t need to worry about that. Have your “staff” group (keep in mind staff is a built-in group that is all admins plus all moderators, so you’ll need a different name) created, then send a message to “staff” + username. No need to modify groups each time to add one extra person, simply add them to the message.

Edit: ninja’d by @fefrei :stuck_out_tongue:

1 Like

It seems that’s pretty much what I wanted, i.e. the topic should be locked to a custom “team” group + specific user. If I was to add another member to the “team” group, then that member should be able to see the previous messages exchanged before he was added to the “team” group.

I like Discourse very much so far! … and I gotta say, I love the proper programming concepts it’s based on (as opposed to the mess that Wordpress is and how my blood used to boil whenever I had to deal with its API). In less than 20 minutes with the rails interface for Discourse yesterday I was able to figure out and do quite a few things by simple command completion + peeking at /master/app/models (I regard that as a measure of how well code is written). Well done to the Discourse devs!

// and that’s coming from someone who dislikes ruby/rails


Going offtopic a little, but speaking of ruby/rails, are there some comprehensive docs on the ruby/rails calls, classes and what info is handled by which class, or I’m pretty much stuck with peeking at the repo?

I do have one more (on-topic) question though. If I want to turn the private message into a normal topic, I know I just use the wrench icon and choose “Make public topic”. This makes a topic in the “Uncategorized” category, which everyone can see. I can quickly edit it to assign it to a categoyr that is locked to “staff” level.

I’d like to avoid it being visible by non-staff at any one stage. My solution is to first “make unlisted” then to “make public topic”, then edit first post and assign privileged category, then “make listed”.

Is there a more direct way to do it via GUI?

Also, given the former user does not have “staff” privileges, I assume that they won’t be able to access the topic any more, but that none of the posts in the topic are lost/altered, right?

Via rails I guess I could do the following, which seems to work fine:

t = Topic.where(id:44)[0];
t.category_id = Category.where(name:'Staff')[0].id;
t.archetype = 'regular';
1 Like