When I enable the FCKEditor module for the first time, logged in as user/1, I immediately have the plug-in enabled on my "create content" pages. What is disturbing is that no permissions have been assigned yet to any role to access the fckeditor module.

Interestingly, when I go to edit FCKEditor's Advanced profile to enable a file browser, user/1 loses this unauthorized access; if still no permissions have been assigned to any role, the WYSISWYG disappears.) Obviously, this should have been the case in the first place (i.e. user/1 shouldn't have had access before role permissions have been checked off), but there seems to be a problem with the way the module is enabled for user/1.

Oddly enough, if I revert the Advanced profile's file browser setting back to default, the FCKEditor is still gone unlike when it was first enabled with the same default settings.

Comments

apachelion’s picture

apachelion commented

I tested a lot of configurations, and finally came to the conclusion that this bug only occurs in basic Drupal installations where there are no roles other than the default anonymous/authenticated, and therefore no roles can be assigned to user/1. In that particular situation, after I log in as user/1 and enable the FCKEditor module, I always get the WYSIWYG interface on my "create content" pages even though no permissions to access the FCKEditor have been assigned yet.

Hope this can be resolved easily.

guillaumeduveau’s picture

guillaumeduveau
Location Toulouse
commented

I'd say this is by Drupal's design : user/1 has access to anything.

apachelion’s picture

apachelion commented

This doesn't seem to be the case, as I have seen how user/1 can be limited by FCKEditor.

I emphasize on the fact that user/1 has immediate access to fckeditor only if no configuration has been made to the fckeditor module and/or Drupal permissions. In other words, you don't have to give permissions to the anonymous/authorized roles to get WYSIWYG interface for user/1--it just has it by default for reasons I can't explain. The superadmin continues to have fckeditor access even after you give fckeditor permissions to the anonymous/authorized roles, but this is because: a) the module assigns its Advanced and Default profiles automatically to the basic system roles, and b) since user/1 is an authorized user by default, it uses the newly assigned profile, therefore still has access to fckeditor.

What is interesting however, is that, contrary to what you might think, user/1 can be limited by fckeditor. This is how you can test it yourself:

1. create a role
2. give the role fckeditor permissions
3. assign the new role to user/1

Since the new role doesn't have an assigned fckeditor profile to it, it won't be able to use the WYSIWYG even if it is given permissions to do so. What is peculiar however, is that if you assign the role to user/1, the superadmin loses the WYSIWYG too!

How come user/1 loses access, if it bypasses all user roles by default? Why is it affected by roles, if it should have full access to everything all the time? What can be done about this?

guillaumeduveau’s picture

guillaumeduveau
Location Toulouse
commented

You can create affect another role that has access to FCKeditor to user/1 and tell FCKeditor this role has to be used in priority.
FCKeditor is enabled by default for user/1 and I think it makes sense that if you assign a role to user/1 that has no access to FCKeditor, you disable FCKeditor for user/1. Otherwise you could not disable FCKeditor for user/1 at all. No ?

Jorrit’s picture

Jorrit commented
Status: Active » Closed (won't fix)

I think it is best to keep things as they are, as there are not much complaints and changing this would affect a lot of people.