The milestone you have set is okay. Also, I bumped the priority up to critical.
https://trac.buddypress.org/ticket/2293
No, there’s no easy way of doing this for private messages
@jivany By all WP pages I mean that when I set Activity stream as front page, the front page displays a loop with all the content from all the WP pages, published and draft.
I am telling you, that is a very bad bug I am having there. So, forced to put the old homepage up instead of the Activity stream.
If you (or anybody else) need to see the result, just drop me a private message (or post here) and I’ll be putting the Activity stream up as front page, to show the result. I can’t keep it that way the whole day because would make me sick to know what it looks like.
Thanks for the help.
I have added a ticket #2293 to Trac on this but might well not have added it to incorrect milestone, would Andy or someone else kindly check and move if necessary.
This issue has become a little more serious as I have now discovered that it’s not just a matter that the updates/posts can be viewed but that it’s possible – as a non group member – to add a reply and that reply shows in both the activity stream view and IS posted to the hidden group.
Sort of but not easily. If you create a private group, non-group members can’t see who is in the group (by default).
If you code a suitable workaround then it shouldn’t be too difficult to put together some code to fetch the members list of a specific group and display their avatars, etc.
This is an interesting use though and I’d like to see any solution you manage to come up with.
Also there are not “private hidden” groups
Ouch slapped wrist! 
sorry
So Andy is this something you are aware of before I test in 1.2.3 and hunt though Trac for tickets or add one?
Also there are not “private hidden” groups. There are “private groups” that are private but not hidden, and “hidden groups” that are both private and hidden.
Ok we’ll call it a bug then
I’ll add a Trac ticket on it later.
I don’t suppose that there is any short term emergency solution is there?
Edit/ it occurs that I omitted to mention that this occurs on a 1.2.2.1 installation and that I ought to check a 1.2.3 test install and /or check Trac first for prior tickets and fixes for this.
As this is not an issue of overall BuddyPress privacy, but rather a malfunctioning action of hidden groups, I would call this a bug.
@ajohnson-
As far as privacy in BuddyPress, there are many threads about that topic that will provide you with an answer.
You can start here for a hint: https://buddypress.org/forums/topic/privacy-component-where-is-it
Thanks Jeff, I will when I get a minute.
@ajohnson possibly it’s not a bug , in fact I would say it’s not a bug but rather a design flaw or oversight, however I’m afraid that saying it’s just not implemented yet is not right. Private Hidden groups are described as just that, hidden and private therefore one expects that content posted in one would NOT show up publicly and it doesn’t mostly just in this one instance or at least that I have stumbled upon, and it DOES need addressing and pretty quickly otherwise it’s probably ought to be pointed out to people not to consider setting groups private and hidden until such time as they really are.
It isn’t a bug as much as it’s just not implemented yet. There isn’t any real privacy controls with buddypress which is it’s huge downfall. Still a great product in it’s infancy so not need to be too upset. But a game-plan as to how it’s addressed moving forward would be nice. I think it should be priority number 1 for 1.3. Anyone else?
Hiding private messaging is another feature of the BuddyPress Privacy Component.
@hnla-
I would post that in Trac as a possible bug.
@gregfielding – What you’re describing is called “short code” functionality, and we’re building it in to the next release.
It lets you embed an media item or album into a blog post using a tag like [album id=”kittens” size=”medium”].
When you embed a media album, it embeds the album’s cover item in the post. Clicking on the image takes you to the actual album page.
For the time being, users are only allowed to embed their own content. Otherwise it gets rather complicated in terms of who is allowed to embed content that belongs to which user, and what kinds of content a given user is allowed to embed.
For example, consider what would happen if a user was friends with another user allowing them to see a private album the other user owned, and then the first user embedded content from the other user’s private album in one of their blog posts.
^F^
Both should have been default wp/bp behavior imho.
I’ll disagree with that. Especially with sites where you use the bp-default theme style of having a login box on every page. I don’t want to be redirected to my profile page if there is a reason I’m logging in on page X.
Redirecting to the user’s profile page makes sense on a closed/private installation where you need to login to see anything (ala Facebook)
@Travel-Junkie: I used your code above ( https://buddypress.org/forums/topic/how-to-make-a-private-community/page/2#post-44729 ) and it caused my browser to announce that:
Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.
Any idea why? Should I change anything within that code to personalize it for my own site?
Works fine for me on BP 1.2.3. Obviously, if you’re not a member of a private group, you need to be a Site Administrator to see it.
What version of BP are you running?
thanks for helping.
@r-a-y
i’ve already hacked bp_core_fetch_avatar() as described in https://buddypress.org/forums/topic/how-to-disable-gravatar-completely
however, a quick grep for gravatar.com over all wp/bb reveals more places. i am a total wwp/bb/php idiot and have no aspirations to become even mildy involved with the codebase. i was looking for a on-place “checkbox solution”.
@DJPaul
ah, ok;) it’s ok to have such commerically motivated “defaults” … in the end its a pretty impressing piece of tool and its nice to share anyway. on the other hand, it would be nice to have a big “this is a private site” switch which turns off this, and other things (like the dashboard fetching stuff from outside … i “disabled” that one using a firewall rule;)
For those interested, you can private message or contact macspeed directly.
Locking thread.
@conschneider
why not having “public groups” as being freely availabe for your members and having “private groups” set-up as only being accessable with paid user-subscription ?
Unfortunately, the useability and privacy of “private groups” is currently not very well designed, but might improve with the next version of BP 1.3
Regarding point “A”, I’ve decided that privacy is overrated, that only those who are losers and morons would dare ask for such an anti-establishment type of tool. If Mark Zuckerberg doesn’t think privacy matters anymore, then who am I to disagree with a social-network god that controls the lives of–ah, I mean graciously provides a gathering place to–a third of a billion people.
Therefore, this morning I deleted all of my source files for the BuddyPress Privacy Component on my private repository and then put on my best suit of magnets and rolled around in my server room. And, just to make sure all that nasty privacy code was expunged from my network, I set my computers on fire while simultaneously striking them with a 20-lb sledgehammer.
If you want privacy, don’t sign up for a social network. If you believe in freely-sharing all the intimate details of your life–which of course you should because this is the way the world is heading–then accept the Facebook neural implant and merrily post away.
very funny..however slightly on target on point “a”. Privacy for private areas needs to be better.
My thoughts on the group vs profile pictures, sorry if I get rambling too much.
First, if I upload a picture, I want to ensure that I am explicitly recognized as the owner of that picture (I’m assuming that people are only going to be uploading their own works). It shouldn’t matter where I upload that picture on the site, it should always have a link into my profile. Since we don’t want to duplicate pictures in the site and having multiple URLs that point to the same content is considered bad, why not just always have pictures in linked in the user’s profile album.
As for groups. Yes, being able to upload directly from the group page is a nice idea. The tagging system previously described by you guys should be used here for sure. I think Flickr sort of makes it hard on this aspect because you can tag photos but you can also put photos into a group. That seems like an extra step to me. Use the tags to represent the group. For example, if you have a group called “The Photogs”, just tag all pictures uploaded from that group page with “The Photogs” (of course, make sure the user is aware of this and allow them to remove the tag if desired, etc.). This would require two things – your tagging system sort of needs to know all of the groups on the system and it then also needs to ensure people aren’t tagging their pictures with a tag that is also a group name when they don’t mean to (‘Are you sure you want to tag this picture to belong to the group “The Photogs”‘). Of course, this could allow users to ‘uncover’ hidden groups but I’m not sure that’s a big deal.
Coming back to the first point, picture ownership. At some point you’re going to have to add some way for people to assign a license to their uploads. Most sites can get away with something in their terms of usage that is a blanket statement but some will have to allow their users full control over licensing of pictures. Creative Commons (like Flickr) is easiest.
The reason I mention this is we’re talking about mostly public pictures on public websites.
Public vs private is also a concern when allowing people to tag their pictures or upload them to a group. If a picture is uploaded to a public group, it can’t be set as a private picture. If the group is private, does the picture have to still be public? There might be some interesting combinations.
And now for something a little different – Privacy.
A user should always have full control of their pictures. A user should also be able to permanently remove their username if it is tagged against a picture (like Facebook person tagging). Users should be notified when they are tagged in pictures and it might also be better to require them to approve themselves being tagged in a picture before the tag is visible publicly. Users should only be able to tag people who they are friends with. Maybe people who are in the same groups, but definitely not any random user on the site.
