Hello,
I suggest that admin:hover should work depending only from "access admin:hover" right and user create/delete etc. content types rights.

The reason is tha tif my client should only create/delete/publish only one type of nodes ; giving him access to the admin content overview, and I don't want that because it gives him a visibility on pages he shouldn't see, and he could delete them...

If my client is the only site administrator, ic can be ok ; but in the case of a collaborative work , every redactor can access every content instead of only it's own stories.

Comments

conortm’s picture

conortm commented
Assigned: Unassigned » conortm
Status: Active » Postponed (maintainer needs more info)

hello seren10pity,

i'm sorry, but i'm not sure i understand what you're requesting. i'll try and clarify a little, and we can go from there (and of course, anyone else's input is more than welcome!):

if a user does not have permission to create/edit a node, then they will not see the corresponding create/edit admin:hover links for that node (this is governed by their "create content", "edit content", "edit own content", etc... furthermore, admin:hover links will not show up at all if the user's role does not have the "access admin:hover" permission. i'm not sure how these permissions are granting your users unwanted access to "the admin content overview".

could you provide a specific case where your issue is occurring? please provide the permissions the user's role is granted, the type of node they are editing, the admin:hover links they have access to, and which "unwanted" pages they are gaining access to...

hopefully, we can get to the bottom of this!

seren10pity’s picture

seren10pity commented

Hello,

In fact, I did a collaborative website for a client :
The redactors can add/edit/publish/unpublish/delete their own contents ; and have these rights on the note type 'story' in the User Rights.
They have 'access admin_hover'.

But when I tested, my users were not able to see admin hover unless I gave them "administer nodes" access.
And when looking through your code, I saw this : 

/**
 * Access callback for admin_hover_node_action menu callback.
 */
function admin_hover_access() {
  return (user_access('<strong>access admin_hover</strong>') && user_access('<strong>administer nodes</strong>'));
}

But I didn't want my redactors to see or administer all types of nodes... So that's why I suggested that "Administer nodes" had not to be allowed to acces admin hover.

I thank you having taken from your time to answer to me.

Admin:hover is reallly great and useful ;) It is really simple to edit nodes everywhere, and I don't have to create an entire administration interface !!!

So : thank your very mutch !

conortm’s picture

conortm commented
Status: Postponed (maintainer needs more info) » Active

seren10pity,

thanks for clarifying! i will look into this issue, as it seems the access rules for admin:hover links may indeed be too strict! thanks, again, and check back soon for updates.

~conor

seren10pity’s picture

seren10pity commented

thanks ;)

messenger’s picture

messenger commented

subscribing, i'll use this as soon as the issue is solved
thanks for the module!

verta’s picture

verta commented

subscribing ... I am comparing this module and the EazyEdit module - using both seems to be the best answer for the need expressed on this issue.