Well the title says it all. I have a role which does not have permission to EDIT the webform, it just has access to webform results and still the role can edit webforms.
By browsing the issues I found that most of times this is due to the fact that the role has administer nodes permission but the role doesn't have this permission.
I'm using domain access module but I don't think this is causing it?

Anyone with similar experiences? Any help is appreciated!

Cheers

Comments

bartezz’s picture

Btw as a temp work-around I've now set the input type to PHP which will prevent the role to edit the webform, maybe this helps others for the time being...

quicksketch’s picture

Status: Active » Closed (fixed)

Webform does not make any modifications to the access of node/x/edit (it just puts things underneath it). My guess is that a node access module is convoluting the access permissions.

aasarava’s picture

I'm seeing the same issue and have set up a pretty simple site without any other modules that might alter the node access permissions. I have a "content admin" role that should only be able to access the webform results but not edit the form. Unfortunately, they still have the full ability to edit, even though I have not given the role edit permission.

bartezz’s picture

Haven't found a solution yet.... other than the dirty temporary quick workaround mentioned above....

medden’s picture

subscribing.... was having the same problem

medden’s picture

I added this to a custom module to fix this problem.
Now only user 1 can edit or see results from any webform.

function mymodule_node_access($node, $op, $account) {
    $type = is_string($node) ? $node : $node->type;
       if ($type == 'webform') {
          if ($op != 'view') {
               return NODE_ACCESS_DENY;
          }
      }
  }

Hope that helps.