Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+2 votes
in Q2A Core by
I've been thinking about creating private sections for my q2a-site. The idea is that a group of users (e.g. a company) should be able to have a closed community of questions and answers, that are not to be shared with users of the "open" forum. The users of the closed community should however be able to see/search public questions and answers.

One way (I guess) would be to create a parallel site, with read access to the same data base as the "normal" q2a page, but which is writing to another, separate db...

Any thoughts on the feasibility of this? Any smarter suggestions?

3 Answers

+4 votes

Whatever you choose to do will require a considerable amount of core hacks. This is by far the simples approach I can think of.

  1. Create a table to manage groups
  2. Create a table to manage members associations (one-to-many or maybe a many-to-many relationship to the groups table)
  3. Create the UI to manage the groups and member associations (or maybe you prefer to make the inserts manually and omit this step)
  4. Juggle with some JavaScript in a layer and a combobox on the ask page and include in the combo the groups that the user belongs to and include a "Public" option. This combo will be labeled as "Question visibility" or something like that
  5. Create a table to manage post visibility (one-to-one with the ^posts table)
  6. When you save the question, make sure you store the visibility if it is different than "Public"
  7. Hack the core and add another join to all queries that fetch questions (there are around 8 I guess) that will join your visibility table and make sure you compare the logged in user groups to the ones that are set for each post and filter out any post that should not be visible for the user
  8. In the layer make sure you restrict direct question access too

I'm probably missing something here but this should be considerably close to a feasible approach.

+3 votes

This is just my advice as a methodology (My idea is close to you).

Probably, approach of pupi1985 is more smart. However, when there is any bug (logic mistake) in the program, I thought the risk of information leak is high. So, I realized that by hacking multi-site(QA_MYSQL_USERS_PREFIX) feature and adding "Private site" plugin.

My approach has some drawbacks. However, there are also many advantages.

  • Implementation is simple
  • Data is completely separated => safer and accurate
  • Be able to make each site (zone) as public OR private
+2 votes
Here is another way I can think about closed site/qa section.

- Set user permissions for each category, by default allow all users.

- If you want only for restricted uses then add those user to that category.

This way, only required users can access questions in that category (closed community)

You may need to handle user management in a different way. I dont know how complicated this is for implementation.