When I go to change the Access control on a node belonging to a content type, I get some of the role permissions authorized, but grayed out (see attachment) - so I can't make the node invisible to those users if necessary.
The content type is Directory listing, created using the Filedirectory module.
The permissions for Directory listing are given to less roles than those grayed out.
I tried out Access control on a Directory listing-type node on a local site (with less roles) and none were grayed out, meaning that it was working correctly.

CommentFileSizeAuthor
#1 D6-ContentAccessBug8-14-2011.png44.99 KBIreneKraus
contentAccess.png21.04 KBfrancis55

Comments

IreneKraus’s picture

IreneKraus commented
Priority: Normal » Critical
StatusFileSize
new D6-ContentAccessBug8-14-2011.png44.99 KB

I have the same issue, but in my case Content Permissions is allowing roles who are NOT given permissions to edit or delete content that permission. Or so it appears so when viewing the access controls section for a given type of content. This is a very serious issue as those in those roles are not supposed to have such control!

francis55’s picture

francis55 commented

I managed to solve my problem.
The options were checked because I had in the permissions page (admin/user/permissions) I had permissions checked in the "administer content types" line.
This apparently allows users to do all sorts of things, even if the corresponding permissions are unchecked.
Finding out the secret connections in the pages and pages of the permissions page is really not easy...

IreneKraus’s picture

IreneKraus commented

I was also eventually able to resolve my challenges too, but it was not easy. Like you (I think) I had to go back and forth more than a few times between the generalized permissions page and those set as the default state (most restrictive) for roles within the content type section to correct things. In my case, it was some other module I had installed at a later time where the permission settings for roles was a bit too loose. I'm sure I'm not the only one to fall into that trap as once you grant permission for a role to do something, you can't take it back by any other means.

My lesson from this is to be a bit more careful in the granting of permissions when installing new modules!

good_man’s picture

good_man commented
Category: bug » task
Priority: Critical » Normal
Status: Active » Needs work
Issue tags: +Usability

Actually if you hover the mouse over the disabled checkbox you see'll why, but it needs some usability improvement.

gisle’s picture

gisle
he/him
Primary language Norwegian Bokmål
Location Norway
commented
Issue summary: View changes
Status: Needs work » Closed (outdated)