Restrict access for specific user


(Bas van Leeuwen) #1

Is it possible to restrict access of a specific user?

My use case is that I want to create a “product feedback bot”-user, that will post in a specific category once people fill in a form embedded in our product.
The API key of this bot would most likely be visible to a determined (trusted) product user. I’d like to restrict the use to posting in a specific category.

Is there a way to strip them of any trust level? I can then grant them posting rights to a specific category


(Régis Hanol) #2

You can lock the user to TL0.


(Bas van Leeuwen) #3

That makes sense, at least prevents some of the privileges, but then they can still post in e.g. Uncategorised.
I want this 1 user, to only be able to post in this 1 category, but I feel this usecase isn’t supported yet.


(Régis Hanol) #4

You will have to put the user in a group and add that group as read only to every category but the one they’re allowed to post into.


(Bas van Leeuwen) #5

Ah, they use the most restrictive of the permissions granted? I thought they’d be additive.

So a category with Create / Reply / See doe “everyone” and See for e.g. “bot-group” wouldn’t allow the bot to post?
That could work!


(Régis Hanol) #6

That’s a good point. I’m not actually 100% sure.

EDIT: just tested, and they’re indeed additive. So I’m afraid your use case isn’t supported at this time.