admin not able to view/edit other
anshuprateek - July 4, 2008 - 07:13
| Project: | OpenID Attribute Exchange Implementation |
| Version: | 6.x-1.2-alpha3 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | anshuprateek |
| Status: | needs review |
Description
Admin currently is not able to view/edit other users persona entries
#1
Still valid for alpha3.
Patch attached, please review.
#2
Will have to rework this for HEAD.
#3
Patch is working on the latest HEAD version of the module.
Would you think maybe doing the following for the displaying of the form
<?phpfunction openid_ax_persona_form(&$form_state, $user = NULL) {
if (!$user) {
global $user;
}
?>
Rename the $user passed in to account and have the system check against account for the pieces below. Then we can check if the user who is accessing has permissions to view this page, since if they are not an admin we don't want them checking the page out. Global user might be based off the menu callback an anonymous user and hence if they enter anyones user id there they will be able to view the page because we have no access callback or arguments to check permissions.
Thoughts on this ???
#4
http://drupal.org/node/319558 provides the patch for checking the users account hence that piece is no longer relevant for checking the access permissions.
#5
Have updated this patch to include a lot of changes in the module for displaying the forms in fieldsets and also how the form is built and the database queries are run on it. The patch also takes into account the user who's information is being viewed and removes the wrapper functions that were calling drupal_get_form since they are now in the menu callback system.
Respectfully,
Darren Ferguson