Is it possible to allow users of a SharePoint blog to comment, but not create posts?

Question

By exploring the permissions, there seems to be no distinction between a comment and a blog post.

I can set users as contributers which allows them to comment and means their posts require apporval. But I would like to stop them from being able to create a post even as draft.

Many thanks

Answer 1

A blog within a My Site is created using the My Site Blogs feature (863DA2AC-3873-4930-8498-752886210911). Inside the feature receiver is the following code that modifies the Comments list by setting edit access to only their own, breaks role inheritance, and grants contribute access to the Visitors group:

int num2;
SPList list3;
SPRoleDefinition byType;
SPRoleAssignment assignment;
UserProfileManager manager;
string str2;
string[] strArray2;
int num3;
string str = parent.RootWeb.AllProperties["vti_associatevisitorgroup"] as string;
SPGroup principal = null;
if (!string.IsNullOrEmpty(str))
{
    num2 = int.Parse(str, CultureInfo.InvariantCulture);
    principal = parent.RootWeb.SiteGroups.GetByID(num2);
}
list3 = GetList(web, SPListTemplateType.Comments);
list3.WriteSecurity = 2;
byType = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
list3.BreakRoleInheritance(true);
web.AllowUnsafeUpdates = true;
if (principal == null)
{
    manager = new UserProfileManager(ServerContext.GetContext(parent));
    strArray2 = manager.PersonalSiteReaders.Split(new char[] { ',', ';' }, StringSplitOptions.RemoveEmptyEntries);
    num3 = 0;
    while (num3 < strArray2.Length)
    {
        str2 = strArray2[num3];
        try
        {
            SPRoleAssignment roleAssignment = new SPRoleAssignment(str2, null, null, null);
            roleAssignment.RoleDefinitionBindings.Add(byType);
            list3.RoleAssignments.Add(roleAssignment);
        }
        catch (Exception exception)
        {
            ULS.SendTraceTag(ULSTagID.tag_7otc, ULSCat.msoulscat_SPS_UserProfiles, ULSTraceLevel.Medium, "Ignored one invalid user for the personal site reader (%s): %s.", new object[] { str2, exception });
        }
        num3++;
    }
}
else
{
    assignment = new SPRoleAssignment(principal);
    assignment.RoleDefinitionBindings.Add(byType);
    list3.RoleAssignments.Add(assignment);
}
list3.Update();
ULS.SendTraceTag(ULSTagID.tag_6y3j, ULSCat.msoulscat_SPS_UserProfiles, ULSTraceLevel.Medium, "Successfully activated MySite Blog Feature");

I would probably write a custom Feature Receiver that does something similar. However, if I only needed a single blog in the site collection and a URL of Blog was acceptable, I might try creating the blog by activating the My Site Blogs feature.

Answer 2

I've cracked it!

On the main page there is an option to manage posts. Within that page there is an option to set permissions. Perfect.