Closed (fixed)
Project:
Advanced User
Version:
6.x-2.x-dev
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
26 Oct 2009 at 11:21 UTC
Updated:
22 Apr 2010 at 22:20 UTC
Jump to comment: Most recent, Most recent file
Comments
Comment #1
Anonymous (not verified) commentedComment #2
nkmaniAdded a patch to fix the issue. With the patch, it now requires that the user have "administer users" permission on top of "access advuser" permission to view and edits.
The simpler fix could be to look for "administer users" to allow access for the advuser menu. But, this additional permission, I guess, allows for finer control over who gets to do advuser actions!
Comment #3
Anonymous (not verified) commentedI haven't tested it but this looks reasonable to me and may be committed to CVS.
Comment #4
Anonymous (not verified) commentedComment #5
Anonymous (not verified) commentedHere is the patch I've settled on for this.
Comment #6
Anonymous (not verified) commentedBackporting to 2.x branch.
Comment #7
Anonymous (not verified) commented