Invision Community 5: Editor Permissions and Custom Embeds

[Matt Finger]

We recently announced the new Invision Community 5 editor which adds many new exciting features such as semantically correct header tags, custom boxes and more. As the new editor is a leap forward in technology, some legacy features had to be left behind. We received a lot of messages about these changes, and have created new tools based on that feedback to ensure you still have the tools you need.

The new features are based around restricting some high level editor functionality for specific member groups and enabling an easy way to add custom embeds.

Permission Levels

Invision Community 5 puts a lot of new tools in the editor, including header tags, boxes and positioning tools. These are useful features, but perhaps you do not want your members changing the semantic structure of the page by adding H1 tags. Or maybe you don't want them being able to add custom boxes with colors. Based on this feedback, we have introduced a permission levels system.

At the heart of the system lies three editor permission levels: Minimal, Standard and Advanced.

Specific editor features are assigned to one or more levels. For example, you may only want header tags and content boxes to be for the 'advanced' permission level which only administrators can use.

These permission levels are configurable via the Admin Control Panel.

When is Each Restriction Level Used?

Now that we have set up the permission levels, we need to apply them to member groups.

We do this by simplying heading over to the Member Groups section of the Admin Control Panel. In the "Content" section of that form, there are two new options:

1. Default Editor Restriction Level: This is the restriction level the group uses by default, for example in Forum Topics and Blog Posts.
2. Editor Restriction Level for Comments: This is the level used for Comments (including Topic Replies) throughout the Community.

When a member has multiple groups, they will use the most permissible editor setting out of all groups.

Custom Embeds

In response to news that the ability to toggle into 'source mode' and directly edit the underlying structure of the editor document was not implemented because editor technology has moved on, many people told us they used that feature to add custom iframes from specific services they use.

We understood the need for custom embeds, and we've added the option to create iframe elements with any whitelisted URL from a link.

Additionally, iframes created this way have configurable height and width so you can resize to your liking

This feature has two editor permissions: "Can Embed External Content," and "Can Convert Links to iframes".

Adding iframes into a post can potentially be a security issue, so strong controls are needed to ensure there isn't abuse of this system. The editor will only allow links to be converted to iframes if the domain has been whitelisted. The whitelist exists in the new tab, Admin Control Panel > System > Posting & Editor > Embeds. The feature can also be entirely disabled from here.

That wraps up this round of changes based on your comments. We hope that you enjoy this update to our Invision Community 5 editor and we always appreciate your feedback.

View full blog entry

[AlexWebsites]

Looks good. Will iframe embedding work for whitelisted domains if you paste the url into the body of the editor (automatically) or do you have to click the link button every time?

[Matt Finger]

6 minutes ago, AlexWebsites said:

Will iframe embedding work for whitelisted domains if you paste the url into the body of the editor (automatically) or do you have to click the link button every time?

You currently have to manually click the embed button in the link menu, but this only applies to the new custom iframes. For the predefined embed types, e.g. other topics, youtube, X, og embeds, it will automatically convert to an iframe.

[beats23]

1 hour ago, Matt Finger said:

iframes created this way have configurable height and width so you can resize to your liking

 

The ability to resize the Iframe externally to my liking is a nice touch, thanks 🤩🤩🤩🤩🤩🤩.

Keep up the great works.

[Vakarian96]

Please add tables tools. This would be a very important feature for a CMS.

[Matt Finger]

1 hour ago, Vakarian96 said:

Please add tables tools. This would be a very important feature for a CMS.

These are on our list but will likely not make it in the initial Community 5 release. Tables sound simple enough, but when you factor everything that goes into delivering a powerful table system - background color, border color, border width, what type of content can go in a cell, what to do about overflow, actions applying to the entire row/column etc - and make it not only powerful but easy to use and reliable, the dev time really adds up.

🤔 😉

[KT Walrus]

Could you add built in support for embedding Bunny Stream videos?

Bunny is the cheapest video transcoding/hosting/streaming service and I use in my WP blog. Would really be nice to recommend to my IC5 users instead of telling them to just use YouTube. Most users don’t pay for YouTube Premium, so these users will see annoying ads in content posted by others.

Or, can you test the new Custom Embeds to make sure I can safely allow users to embed Bunny Stream videos in their content?

 

[2TonWaffle]

This is great news and one that I can't wait to play around with. Thank you for giving us the updated tools for frames and embeds, reason 1432 out of unlimited in how IC continues to innovate and listens to the community.

[abobader]

More and More good news about upcoming v5, well done.

[PinPics]

Love the ability to assign levels via permissions. Thanks so much for the hard work on these features!!

[aia]

23 hours ago, Matt Finger said:

These permission levels are configurable via the Admin Control Panel.

Can we disable image embedding (currently known as 'Insert image from URL') from third-party domains using this feature? As part of the solution to this problem.

[Matt Finger]

On 6/22/2024 at 8:03 AM, 13. said:

Can we disable image embedding (currently known as 'Insert image from URL') from third-party domains using this feature?

So the "Insert image from URL" button has been removed in 5, and there is a global setting which can prevent this behavior. And, yes, the "embed external content" restriction also prevents external image URIs from being converted to images.

[aia]

14 hours ago, Matt Finger said:

the "embed external content" restriction also prevents external image URIs from being converted to images

Does it allow restricting only external images without affecting other external embeds? If not, I hope this improvement will be made ASAP.

[Matt Finger]

1 hour ago, 13. said:

Does it allow restricting only external images without affecting other external embeds?

Sure does!

[Fernando Mercês]

Great stuff, thanks for sharing.

I mainly use source mode to add payment buttons (think of PayPal "Donate now" buttons, for example, but I use other, local services). They're basically iframes I think, but they have some code that's required to hold user IDs, button IDs, etc. Will I be able to keep using them?

Thanks,
Fernando

Edited June 25 by Fernando Mercês

[Gary]

Hi @Fernando Mercês,

I know I may be stating the obvious, but there is a donation feature built into Invision Community.

AdminCP -> Commerce -> Payments -> Donations

You could always obtain the donation button from PayPal, add it to your topic/post as an image and simply add a link to it. That's how I have done it for many of my communities in the past and never had an issue. A community I recently launched uses the default donation feature and despite it not being used yet, it does look seamless.

[Fernando Mercês]

Hey @Gary, thanks for your answer. 🙂  The issue with Commerce app for me is the lack of support to the popular local payment services. I know there's also a "Manual" payment method, but then the users have to make two purchases: one in Invision and another one in the payment service website. Often they get confused this way. So, I basically can't use Commerce.

Using the button image linked to the payment page of the service should be enough in Pages though. Thanks for this idea. 🙂

Best,
Fernando

[Gary]

No problem at all.

You can always make a suggestion to include more payment services in the Feedback forum (after doing a search for similar requests already suggested). If there are enough clients requesting these same payment services, you might be in luck. The team do look at all requests and considerations.

Bear in mind there is a big update with the Commerce application once v5 arrives. You might find the donation feature beneficial if it is one of the many amazing features being worked on.