Tweaked post edit code (multi-user blog)

Is there a way that we can let users “owns” their own blog ?
I don’t want user A to edit usr B’s blog, I don’t want all their blog message in same blog, I want user A write his own blog and have his own looks and feel, I know it is possibile in Moveable Type, but it seems not in WP, right ? and there is no hack for this ?

This hack has that side effect – you have to be a level greater than another user to edit the post, so a level 2 user can edit a level 1 user’s post, but a level 2 can’t touch another level 2. As long as all your users (bar the admin one) have the same levcl then this hack will help you.
Note that if you want to be able to edit the date of your own posts, then you need to be level 5 or above.
HTH,
—
ian.

uh oh this means 1.0.1 does not support individual blogs per user?
ideally I’d love to be able to
a) set wp so that users promoted to level x (say 5) can have their very own blogs with their own template/theme accessible via friendly url: user.mysite.com or https://www.mysite.com/user/
b) granulated access rules, i.e. apart from setting level for users, i’d like to set “admin” flags individually for separate blog users, e.g.
user A has level5 and his own blog
user A also is admin for Blogs in Group Z which contains blogs from Users of various levels but he has no access to Blogs/Users of any other Group.
user B has level5 access AND is a group superuser hence has access to all blogs/groups except for the main site admin blog.
i.e. granulated access.
1.1b?

With the patch (or at least, the $min_edit_level=$user_level+1; bit) you can at least make the editing of blogs restricted to more senior members but the fine grained approach that you mention is not possible in 1.0.1
Thinking idly (!) it is pretty much the same requirement as the multiple categories per post solution, where for non-superuser logins (ie: everything less than a level 10) there is a per-user ganularity for administration. It would also be possible to tie this in with a level approach, so that if nothing is setup, you get the l2 can edit all l1 type system, but then apply restrictions so that a certain l2 user can only edit l1 users called x and z, and not y. In my view, this is possible and I’m even willing to give it a go, but a word or two from those that got the multiple categories working might clear up quite how much work I’ve semi-volunteered for !
Implementing a full Unix style file permissions system would be much more complex: I’m nowhere near familiar enough with the code to say how possible this is. It might be possible to do the multi-user privilege stuff and then fake up the Groups with another table that simply maps a group name to multiple members. This would have no real standing in the rest of the system but would allow a quick way to assign many tens of users to an admin without a mind-numbing amount of clicking.
Is this the sort of thing that should be taken to the Wiki ? I’m happy to move this thread there and go into more detail on how I can see this being written, if a) it’s the right place for this sort of topic, and b) people are happy to nip off there to add their comment on how sensible any given approach is.
HTH,
—
ian.

Ahem. That last post was mine, but I forgot to log in (doh).
—
ian.

well it would certainly make lifes of wp admins much much easier if they had to maintain just one script instead of 250 wp installs for all their users ??
i slightly exaggerated, i just need 2 separate blogs and will certainly deploy wp twice to achieve this. I can imagine however that multisite/domain support will become increasingly important as the wp userbase grows…
drupal (more like a hack atm) and phpwebsite (module “branch”) offer this feature (among others I am sure) – just if you want to take a peek how its done there.
cheers
Ihad.

A great hack, even if members can’t have their own personnal “looks and feel” for their blog…
A sort by members and it’s ok for the moment ??

Sorry to bring back such a dead topic…
I need to use this hack to make it so all my level 1 users cannot edit eachothers posts and comments. But I can’t seem to figure out how to impliment it. Do I just add it to the edit_post_link function? Or do I completely replace the old code with this code? Or…something else…?
Any help would be greatly appreciated! Thanks.
– Josh [truantics.net]

I actually have been taking up a project much like this…
Making WP the basis of a big blog system like LJ or BLOGGER or XANGA where each user has their own modified system of WP. I will release it when its done and it’ll have alot diff features added to from users hacks i have been modifying. Under the GNL licensing i will be providing all the code so i assume you all can use as well.
My current status on this project is trying to split users off to their own directorys…its not easy but its fun to take on such a project. I split the upload.php so each user uploads to their own dir tonight, just got to get one thing done per night. If any of you have advice for doing future things like this plz do tell. What i came up with so far (just in ideas) would be for to keep the same database for each person but have the table prefix’s be a diff name. sound good?

Hey you guys, I am following this thread closely. Have some of the same permissions needs as you reference. I am big on NOT reinventing the wheel.
Has anyone thought about turning something like https://phpgacl.sourceforge.net/ into a plugin?
Copied from their website:
——————————————————————————————————————
Summary:
A PHP class offering Web developers a simple, yet immensely powerful “drop in” permission system to their current Web based applications.
Features:
Split into two classes, and a seperate administration interface.
GACL class:? Designed to be very small (517 lines of code including comments) and very fast, this class strictly takes care of the permission checks.
GACL_API class:? Designed to be robust and flexible, this class takes care of creating/editing/deleting objects, groups and ACLs.
phpGACL Administration Interface: A set of scripts that allow for the easy administration of the entire GACL universe using only your browser.
NOT limited to typical “read/write/execute” permissions similar to some flavours of *nix
User definable “Access Control Objects” (ACO). These are objects which control what access is available to “requesters” (see below).
Several examples:
Enable – Projects
View – Projects, View Own – Projects
Edit – Projects, Edit Own – Projects
Delete – Projects, Delete Own – Projects, UnDelete – Projects, UnDelete Own – Projects
Add – Projects
System down for Maintenance
View – The letter “e” ??
User definable “Access Request Objects” (ARO). These are objects which request access from an “Access Control Object” (above) examples would be:
Users/Accounts
IP Addresses
Browsers/Browser capabilities (JS/Flash/DHTML)
User definable “Access eXtension Objects” (AXO). These are objects which extend permissions to a 3rd layer, optionally allowing you to set fine grained permissions on each individual item in your application, or even row in your database. AXO’s are often used in cases where you only want to give a user access to a specific project or contact.
Several examples:
Projects – Project ID: 3474 (Accounting Software)
Projects – Project ID: 3484 (Financial Software)
Contacts – Contact ID: 4775 John Doe
Contacts – Contact ID: 4795 John Doe
Tree based ARO/AXO Object grouping with inheritance.
Example:
Root
|- Staff ( ALLOW [View Own – Projects], ALLOW [Add – Projects], ALLOW [Edit Own – Projects] )
| |- Facilitators ( DENY [Add – Projects] )
| |- Managers ( ALLOW [Edit – Projects] )
| ‘- Executives ( ALLOW [Edit – Projects], ALLOW [Delete – Projects] )
‘- Customers
|- VIP
|- Regular
‘- Annoying ( DENY [ALL] )
In the above example (assume DENY ALL by default) because of inheritance, we gave the Staff group permission to several ACO’s, now any child group has access to those same permissions plus any additional ones assigned. So even though the entire Staff group and all its children groups have permission to “Add – Projects”, Facilitators are denied that right. Only Managers and Executives however are granted permission to “Edit – Projects” and only Executives are granted permission to “Delete – Projects”.
Contains functionality to easily program add-ons. Examples would be for product pricing, or quantity limitations.
Example:
Root
‘- Customers
|- Bronze Package ( Add – Projects [Limit 5, Price $10/each] )
| ‘- John Doe ( Exception to group: Add – Projects [Limit 8, Price $9/each] )
|- Silver Package ( Add – Projects [Limit 10, Price $5/each] )
‘- Gold Package ( Add – Projects [Limit 20, Price $2/each] )
In the above example, we set group “defaults” for each of the three packages, however the real world usually doesn’t work that way,
Customers always make outlandish demands, so let’s satisfy them, John Doe wanted more then 5 projects, but not quite 10, so we simply put in an exception for just him, and gave him a slight discount on the price to keep yet another satisfied customer!
One function application integration: acl_check()
Simply pass this function four parameters, it doesn’t get any easier!
Supports the most popular databases using the ADODB database abstraction layer. (MySQL, PostgreSQL, Oracle, MSSQL)
Complete web based administration interface.
Scalable. A real-world working version with many added layers of complexity supports over 60,000 Accounts, 200 Groups and 300 ACO’s.
——————————————————————————————————————
You guys let me know if this is too complicated for this project. If not, it would seem this would be a good place to start in giving WordPress a robust permissions module (plugin?). I would be willing to find some dev time to do this if it makes good sense.
~ Vertical Cashew

Anyone ever do any follow up research on this? Thanks in advance to all you permissions gurus out there. Sorry for the long post previously, just thought it would be good to not make you go chase this stuff down.
~ Vertical Cashew

Anyone working on this? one engine, many front-ends?
If I wanted to start coding suchs athing where would I need to start? who would be the WP developer most interested in such a feature?
Best
Rub??n