Closed (duplicate)
Project:
Image
Version:
6.x-1.x-dev
Component:
image.module
Priority:
Normal
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
6 Aug 2009 at 06:07 UTC
Updated:
7 Aug 2009 at 04:53 UTC
Currently, image module only has edit permissions but not delete permissions. There might be instances where user would be give delete permissions but not edit permission and vice versa. The 'edit images' permissions should also be 'edit any image', following core's node module.
Here's a patch to standardize the permissions - delete any image, delete own images, edit any image, edit own images. Also used switch statements in hook_access() as what core modules are using. I have also added a update script to change existing 'edit images' permissions to 'edit any image' and 'delete any image'.
| Comment | File | Size | Author |
|---|---|---|---|
| image-edit-delete-permissions.patch | 2.27 KB | edmund.kwok |
Comments
Comment #1
sunCool patch!
"%" needs to be escaped, i.e. "%%".
Needle and replacement value should both the wrapped by commas, i.e. ",edit images," (also note the plural).
In the replacement value, we can simply add "delete any image," and thereby kill the following three lines as well as the implode().
Can we re-order those to view, create, edit, delete?
The test for $node->uid should come before the corresponding user_access() check to potentially safe some cycles.
This review is powered by Dreditor.
Comment #2
sunCan we merge this patch into #44057: Use core-style content permissions, please?