THIS SHOULD NOT SHOW ON LOGIN OR REGISTRATION

Test

System
System admin
in General 
Summary
Rank abilities do not appear to change the available post options in the editor (text vs links/media), preventing admins from limiting who can insert iframes or other embedded media.

Customer / Context
- Customer: Higher Logic LLC (internal demo)
- Requester: Brendan Parm (Enterprise Account Executive)
- Zendesk ticket: https://higherlogic.zendesk.com/agent/tickets/454661
- Site: brendan.vanillademo.com (demo community)
- Area: Ranks / posting permissions / editor capabilities

Environment
- Product: Vanilla by Higher Logic
- Feature: Ranks
- Editor: Rich Editor (assumed from customer screenshots/description)
- Site type: Internal demo (non‑production for external customer)

Issue Description
Brendan expected Rank abilities to control which posting options are available to users in the editor. For example, configuring Rank Level 1 to allow only “Text” should remove options to insert links, YouTube, or other embedded media. However, changing the Rank abilities matrix does not seem to change what users can do in the editor, and it does not appear to solve the goal of restricting who can insert iframes or media, even from trusted sources.

Steps to Reproduce
1. On brendan.vanillademo.com, configure Rank Level 1 so that its post ability is set to “Text” only.
2. Optionally, configure Rank Level 1 as “Text, links, YouTube” and save changes.
3. Assign a test user to Rank Level 1.
4. As that Rank 1 user, start composing a new discussion or comment.
5. Observe which options are available in the editor toolbar (text formatting, links, media embeds, iframes, etc.).

Observed Behavior
- Setting Rank Level 1 to “Text” only does not limit the available posting options in the editor.
- Setting Rank Level 1 to “Text, links, YouTube” also does not appear to change what the user can do when composing a post.
- Practically, the Rank abilities configuration does not appear to affect the editor toolbar or the ability to insert iframes/media.

Expected Behavior
- Updating Rank abilities for a given level should have a clear and enforceable effect on what that rank can do when posting.
- If a rank is configured with “Text” only, users at that rank should not see or be able to use editor actions that go beyond plain text (for example, inserting media, iframes, or other rich embeds).
- If a rank is configured with “Text, links, YouTube”, the available editor actions should match those capabilities, and it should be possible to restrict iframe or media insertion to higher ranks as a way to control who can embed external content.

Impact
- Site owners cannot reliably use Rank abilities to enforce restrictions on iframe and media insertion.
- This blocks a common governance/safety use case where only trusted or higher ranked users should be able to embed external content.
- While reported from an internal demo, behavior likely affects any customer attempting to use Ranks for this purpose.

Questions / Requests for Dev
- Confirm the intended relationship between Rank abilities and Rich Editor toolbar actions for posts and comments.
- Are Rank abilities currently wired into the Rich Editor capability model, or only legacy permissions?
- If this is expected behavior today, what is the recommended pattern for restricting iframe/media insertion to specific ranks or roles?
- If this is not expected, please:
  - Identify why changes to Rank abilities do not affect available post options.
  - Propose and implement an approach so Rank settings can reliably limit posting capabilities (especially iframe and media insertion) in the editor.

References
- Customer ticket with original description and screenshots:
  - https://higherlogic.zendesk.com/agent/tickets/454661

Testing

Categories