User cannot edit biblio entries unless it has 'administer nodes' permission
druido - June 9, 2009 - 13:16
| Project: | Bibliography Module |
| Version: | 6.x-1.5 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
Create a role R, assign it "access content" permission from the node module and "access biblio content", "edit all biblio entries", "edit own biblio entries" and all the "show" permissions from the biblio module. But, a user with role R cannot edit any bibliographic entry (with 6.x-1.4 it is possible). If R is given the "administer nodes" permission, then the user can edit biblio entries, but also administer all other node types.
#1
Sorry about that, I see the problem and if you want an immediate solution, just edit the biblio.module file and add TRUE to the end of line 281 (which is the "edit all biblio entries" line) like this ( you can omit the "line 281..." comment of course)...
case 'update':if (user_access('edit all biblio entries')) return TRUE; // <=== line 281 should return TRUE!!!
if (user_access('edit own biblio entries') && $user->uid != $node->uid) return FALSE;
break;
#2
Thanks, that fixes the problem.
#3
Automatically closed -- issue fixed for 2 weeks with no activity.
#4
I found a related bug where users cannot edit their own content. Module code (280) is
case 'update':
if (user_access('edit all biblio entries')) return TRUE;
if (user_access('edit own biblio entries') && $user->uid != $node->uid) return FALSE;
break;
Editing it
case 'update':
if (user_access('edit all biblio entries')) return TRUE;
if (user_access('edit own biblio entries') && $user->uid != $node->uid) return FALSE;
if (user_access('edit own biblio entries') && $user->uid = $node->uid) return TRUE;
break;
Fixed the problem
#5
That should be a double equals sign... but otherwise I'll include it in the code.
if (user_access('edit own biblio entries') && $user->uid == $node->uid) return TRUE;