flickrapi_phpFlickr(), which sets up the phpFlickr object, makes a call to user_access("Administer global flickr api settings'). This permission has not been set up using hook_perm(). The module's admin settings form checks for 'administer site configuration' instead.

The bug has probably been overlooked because most users administering the module will be user 1.

I will append my patch to a comment.

CommentFileSizeAuthor
#1 permissions-1320280-1.patch1.73 KBhughbris

Comments

hughbris’s picture

StatusFileSize
new1.73 KB

The attached patch amends the permission referenced in a user_access() to all lower case ("administer global flickr api settings"). It adds a hook_perm() to implement it. It also uses the permission as access arguments for the module's admin settings form in the module's menu.

BarisW’s picture

Status: Needs review » Reviewed & tested by the community

Patch looks good. Thanks ;)

BarisW’s picture

Already fixed in the 7.x-1.2 release, will be backported in the 6.x branch.

BarisW’s picture

Status: Reviewed & tested by the community » Fixed

Committed. Thanks!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.