User who has permission to edit node type, but not 'create blocks for nodes' will overwrite block settings with defaults

jhedstrom - June 17, 2008 - 19:46

Project:	Node As Block
Version:	5.x-1.x-dev
Component:	Code
Category:	bug report
Priority:	normal
Assigned:	Unassigned
Status:	closed

If a user has the permission to edit the content type, but not fiddle with the block settings, things like visibility are returned to their default values. The attached patch, which will have incorrect line numbers as it is patched against the D6 port (#254339), adds a permission check to the hook_nodeapi update/insert op to prevent this.

Attachment	Size
nodeasblock.module.patch	3.1 KB

» Login or register to post comments

#1

dropcube - June 18, 2008 - 05:36

Status:

needs review

» needs work

Could you please provide a patch for the 5.x branch ?

#2

jhedstrom - June 18, 2008 - 21:17

Here is the patch against the 5.x branch

Attachment	Size
nodeasblock.module.patch	1.7 KB

#3

dropcube - June 19, 2008 - 00:32

Status:

needs work

» fixed

Committed to 5.x branch and HEAD. Good catch! Thanks jhedstrom.

#4

Anonymous (not verified) - July 3, 2008 - 00:34

Status:

fixed

» closed

Automatically closed -- issue fixed for two weeks with no activity.

User who has permission to edit node type, but not 'create blocks for nodes' will overwrite block settings with defaults

Jump to:

#1

#2

#3

#4

User login

Contributor links