Posted by portait on July 4, 2009 at 10:39am
Jump to:
| Project: | Facebook-style Statuses (Microblog) |
| Version: | 6.x-2.x-dev |
| Component: | Code - Functionality |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
Only admin is able to view statuses. All other members see "n/v" instead of message eventhough the user's permissions are set to "view all statuses".
Looks like a bug or did I miss something?
Comments
#1
First make sure you really did set the permissions correctly. If you were upgrading, make sure you deleted the entire facebook_status folder before upgrading and completely cleared the cache afterwards. Then check /admin/settings/facebook_status and make sure you're not running a filter over the statuses that non-admin can't use. You may also need to click the "Rebuild permissions" button at /admin/content/node-settings.
#2
Arrgh... the problem was the filter. Thank you so much for helping. :)
#3
No problem, glad it works.
#4
Automatically closed -- issue fixed for 2 weeks with no activity.
#5
I've encountered the same issue some time ago. I think there should be filter access check only for users who are editing statuses (not viewing). As said in the doumentation:
Note that this will check the permissions of the current user, so you should specify $check = FALSE when viewing other people's content.
#6
True actually. Thanks, should be fixed in dev.
The reason I had it that way before is that we actually don't check access on add/edit. This is because there's no selection of filters on the status update form, it's just assigned in the administrative settings. So in addition to this change, I increased the forcefulness of the warning on the admin settings page that choosing a loose filter could be a security risk.
#7
Automatically closed -- issue fixed for 2 weeks with no activity.