Closed (won't fix)
Project:
OG User Roles
Version:
6.x-4.x-dev
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
29 Aug 2009 at 23:39 UTC
Updated:
11 Nov 2009 at 03:42 UTC
If you create a role with crud capabilities on a given content type, and then if a user has the role for a given group, he can change the audience to a cross-posted group for which he does not have membership. He can also change the audience to none (or public). I tested this in 1.5 and it correctly did a validation on the save of the content.
4.x however lets you set the group to whatever you want once you are able to bring up the content editing form.
Comments
Comment #1
itsnotme commentedcrud?
I'm not the module container, but tried this with 4.0-dev in my project, and I cannot confirm this bug here. User with role x to edit content type xx can still only see his assigned group when he posts. My groups have the access setting "Visible only within the targeted groups.", if that may be an issue.
(The "public" setting is afais another bug, which I also have, but not due to this module.)
Comment #2
itsnotme commentedOops, sorry for accidentally changing the whole issue title :/ Changing back now.
Comment #3
riverfr0zen commentedsubscribe
Comment #4
sunAccording to #1, this bug report is bogus.