Hi, on my site, profile page can access only user with permission "administer nodes".. I dont want to give such a permission to anonymous or logged in users... do I have something wrong in my setup?

the same applies to privatemsg module, which is weird, content profiles should be accesible to everyone, and privatemsg to logged in users..

many thanx for a help

Comments

czeky’s picture

not privatemsg, but admin message

asund’s picture

Category: support » bug

I'm having a similar problem:
If user without "administer nodes" access try to create a user, he only gets redirected to his own edit content profile-page.
The user has rights to create content profile - in fact I have enabled all possible access rights except "administer nodes", and the problem persists.

I'm using the lates dev release on drupal 6.8 and php 5.2
Content Profile User Registration and "Use on Registration" is enabled.

Btw: Great module! Keep it up :)

fago’s picture

Status: Active » Fixed

Indeed - that's odd.

Anyway it doesn't make sense to force admins to enter profile information for their users. As it's now easy for admins to add profiles for other users (see http://drupal.org/node/277656), I've just removed the form from the admin's add user page.

committed to 6.x-dev.

asund’s picture

I don't know if I got this right;
Have you removed it so fields won't show on "create user" page like it does on the "register new user" page?
I'd really prefer to have them in the user creation page. In my use of the module some of the profile fields are required for all users, and it would be nice to have the fields on one page - rather than making a rule to redirect to the profile edit page after making a user. In other words like it is in the current dev release, but without the redirect problem above..!

asund’s picture

Had a look at the code in content_profile.module

This is what's causing the problem (line 366)

if ($op == 'prepare' && is_content_profile($node) && !isset($node->nid) && $node->uid && !user_access('administer nodes')) {
    // Check if this nodetype already exists
    if ($nid = content_profile_profile_exists($node, $node->uid)) {
      // This node already exists, redirect to edit page
      drupal_goto('node/'. $nid .'/edit', 'destination=user/'. $node->uid);
    }
  }

So instead of !user_access('administer nodes') there should be a check if the current user has access to adding nodes of any content profile type.
Right?

Regarding what you said about forcing admins to enter profile information about their users;
How about another checkbox in the content profile settings "Show profile fields when administrators create users"

fago’s picture

Yep, an option for that would make sense too.

However we can't leave it on without the possiblility to turn it off - as it's silly to force admins to enter profile information for users.. So as long there is no setting, it should be off imho.

asund’s picture

Yeah, I agree that makes sense. I really hope there will be an option for it, though!
I'd be happy to help out if you need any!

fago’s picture

Help is always appreciated very much! just roll a patch!

asund’s picture

Status: Fixed » Needs review
StatusFileSize
new4.6 KB

Okay, here's my patch. It's actually my first patch - so hope I did it right!
I added && arg(2).arg(3)!="usercreate" to the end of the previously mentioned line to stop the redirect to work on the create user page.
An new option is added to the settings page, and it only shows the form if this is selected.

Please have a look at it :)

asund’s picture

StatusFileSize
new5.26 KB

Made a small change;
In the current release one can not hide the required fields from the registration form. This makes sense as long as the form is only visible on user registration. But when an admin is creating the user it would be nice to have field that the admin doesn't need to fill out, but the user need to when first editing his profile.
e.g. You require users to upload a profile picture, but the administrator might not want to do this for them.
I've also added the field-required asterixes at the end of the fieldnames.

There's probably a more elegant way to write this, though:

 foreach ($fields as $fieldname => $info) {
  $asterix = NULL;
  if (!isset($required) || $required == $info['required']) $asterix = " <span class='form-required'>*</a>";
  $return[$fieldname] = $info['widget']['label'].$asterix;
}

Note: this patch includes all the changes - not a patch for the previous patch

fago’s picture

Status: Needs review » Needs work

Please be sure to follow the drupal coding style
-> e.g. use always

if () {
  ..
}

Then I'm not sure about not requiring these fields. As they are required for the node else I think it's no good idea to bypass that and allow the creation of the node *without* these fields. E.g. the admin won't be able to edit the node again as the fields are missing, so best we don't change that.

asund’s picture

Status: Needs work » Needs review

E.g. the admin won't be able to edit the node again as the fields are missing, so best we don't change that.

I didn't think of that! You're right.
And I'll take a better look at the drupal coding standards!

asund’s picture

StatusFileSize
new4.67 KB

Fixed according to drupal coding standards, and removed the part with showing the required fields

fago’s picture

Status: Needs review » Needs work

@text: Use on Create new user

only the first letter should be capitalised. Furthermore I think the wording could be better, perhaps "Use on admin add user page" ?
And consequently use 'user_add_use' or just 'admin_user_add_use' instead.

then according to the standards it should be
if (arg(0) != 'admin') {

but better keep code short and use
$profile_types = content_profile_get_types('names', arg(0) == 'admin' ? 'user_create_use' : 'registration_use' );

asund’s picture

StatusFileSize
new4.43 KB

Fixed!
Thanks for reviewing

fago’s picture

oh sry, I overlooked that the code style is also bad for

&& arg(2).arg(3)!="usercreate") {

also the better style would be to check arg(2) == '..' && arg(3) == '..'.

Apart from that it looks fine - any testers? :)

asund’s picture

I see - but how would i do that? My php knowledge is pretty basic.. how do i put a grouped check inside an if - if you understand..
Or perhaps it will be sufficient to only check arg(3)=='create' ?

juliekj’s picture

I desperatly need this, so I'd be happy to test any patches if anyone could explain to me how to implement them...

remove all lines starting with "-", and insert lines starting with "+" or ??

And the file to modify is: content_profile.module ??

asund’s picture

StatusFileSize
new4.36 KB

Here's a patch on the jan-27 dev. Will someone please help test it?
It's worked fine on the two installations I've tested on at least.. hope we can get it added to this great module!

Btw, fixed according to your last comment to
&& !( arg(2)=="user" && arg(3)=="create" )

fago’s picture

Title: only accesible to users with administer nodes permission? » create profiles at the admin user add page
Category: bug » feature
Status: Needs work » Needs review

Thanks patch looks fine now.

Anyone else interested in this feature? -> Please test the patch.. :)

bcn’s picture

StatusFileSize
new4.53 KB

Here's a re-roll of the patch from #19 against the 6--1 branch. I've tested out the functionality, and it appears to work as advertised, though I wonder how this would work if you have more than a single profile type...

andreiashu’s picture

I just tested this one out.
It works, as noahb said, as advertised. If you have more than one content profile types checked to be used on admin page, all the fields from those profiles will appear on the form and it will create nodes for all of those profiles. In my opinion this is to be expected.

Good job !

sun’s picture

Title: create profiles at the admin user add page » Allow to create profiles on admin/user/user/create
Component: Base module » User registration module
Status: Needs review » Reviewed & tested by the community
StatusFileSize
new4.59 KB

Patch basically works and the functionality is badly needed.

Fixed some coding-style issues and logic, and renamed the setting to "admin_user_create_use". I also thought about "admin_registration_use" to make it more consistent, but on a second thought, I felt that it would be a wrong term.

Can you push the button, fago?

sun’s picture

Still applies cleanly.

miglius’s picture

I just tested the patch in the #23, it applies cleanly and implements the feature I'm looking for. Thumbs up for pushing it up to cvs.

fago’s picture

Status: Reviewed & tested by the community » Fixed

thanks, the patch looks fine now. Committed to 6.x-dev.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.