@v4 This is a risk with any application, and NodeBB is no exception. Think "zero-day exploits" and applications which accidentally let someone "break out" of the environment. It's obviously something we patch and code against, but finding them is often another matter
We maintain an email specifically for handling these issues: firstname.lastname@example.org. If you've located an exploit vector, email use privately there, and we'll get it fixed up!
@quokka that's an interesting take and I never thought about that. However, I think if the group appears in or is searchable by users that are not in the group, that'd be a no go for our users.
I also realize now that my above statement is inaccurate. If a member navigates directly to the URL of a hidden and private group then they are able to view it. As an intermediate measure, I've trained our moderators to pass these links around so that group members can still get to their group pages. And if the person navigating to the user is marked as a group owner, they are able to navigate to the group page.
The only issue that remains for my use case is a user finding hidden/private groups that they are in.
If I get some time, I'll look into the code to see if there's a way to populate these groups into user profiles as a list or visible in the group listings/search for members. And if that's of interest to the community here, I can share it back through PR to NodeBB or whatever is preferable.
Hello, I see there is an option in ACP to change the label of an group tag.
Is it possible to change the font color per group?
Like Admin = Red text color
Moderator = Green text color
Teamleader = Purple text color
Is it possible with CSS?
Yeah we should add a bit of documentation to the top of that ACP page. Anybody willing to PR?
I'd add it to docs.nodebb under an ACP header, then just document every option of the ACP and what it does. Saves clutter that way. Don't mind throwing something together with some screenshots etc. assuming the docs accept screenshots.