resulting in a nice 'ACCESS DENIED' page after inviting.

obvious fix here is to test user_access('invite track') before redirecting ...

Should also mention that Withdraw links are shown for users regardless whether they have the withdraw permission or not.

Comments

smk-ka’s picture

smk-ka commented
Status: Active » Fixed

Thanks, this has been fixed in CVS.

The withdraw link can only be controlled for accepted invitations, and that works to my knowledge.

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.