Hello,

I have a calendar on the site I'm building and I only want to allow access to it for authenticated users.

The calendar's path is /calendar.

I created and enabled a custom permission called "view calendar" with the path set "calendar" and "calendar/*"

I then enabled the custom permission for AUTHENTICATED USER role and rebuild permissions.

The problem, as if you couldn't guess already, is that ANONYMOUS USERS can still access the page.

What am I doing wrong? Or is this not the purpose for this module?

Thanks in advance for any and all assistance!
Steve

Comments

Anonymous’s picture

@Wickwood,
Did you resolve this? I'm looking into this module and want to do similar things to what you were trying.

wickwood’s picture

No, I have not resolved this yet I'm sorry to say.

rooby’s picture

Issue summary: View changes
Status: Active » Postponed (maintainer needs more info)

I assume that the anonymous user role doesn't have this permission?

It should work as you want it to.

Also try clearing the drupal cache and then do you still have the same problem?

Ian At Work’s picture

I am having the same issue. I tried clearing the drupal cache as well. Anonymous user does not have permission and yet can reach urls I don't want him to reach. This is true both for urls with wildcard and without wildcard. have tried full url as well as shortened path.

rooby’s picture

Status: Postponed (maintainer needs more info) » Active

Back to active then.

mlncn’s picture

Status: Active » Postponed (maintainer needs more info)

Is this path provided by a view, from Views module, by any chance? Views adds its paths in hook_menu_alter, which is the same place Custom Permissions does its work... so if Views module runs later (and alphabetically it does) then its paths won't be there yet for Custom Permissions to see.

Note that if the path is provided by Views, its better to use Views' own access control to determine access.

We can have Custom Permissions always bat last with menu alter, but in the case of Views, i can't think of a use case.