change permission name in usersearch.module
jpd972 - June 10, 2008 - 17:11
| Project: | Core searches |
| Version: | 5.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
There should be a new permission 'search users' that should be used instead of 'access user profiles'.
It has to be implemented in usersearch.module:
- if (user_access('access user profiles')) {
+ if (user_access('search users')) {And also in the patch to user.module:
function user_perm() {
- return array('administer access control', 'administer users', 'access user profiles', 'change own username');
+ return array('administer access control', 'administer users', 'access user profiles', 'change own username', 'search users');
#1
Disagree. If you can search for users it is the same as accessing their profile information.
#2
(reopening)
What about this then?
- if (user_access('access user profiles')) {+ if (user_access('access user profiles') && user_access('search users')) {
The rationale for it is that we want users to be able to access other profiles (comments, buddies etc), but not to search for random users.
#3
Won't you achieve your goal by simply not enabling the usersearch module?
#4
No, because I need it to be enabled for some other roles.