Closed (works as designed)
Project:
Flag
Version:
6.x-1.3
Component:
Flag core
Priority:
Normal
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
19 Jun 2010 at 06:34 UTC
Updated:
12 Sep 2011 at 03:21 UTC
Jump to comment: Most recent file
Comments
Comment #1
Soldierka commentedHi,
I agree that there is something wrong with access rules. I've got a flag on my page that shouldn't be edit by anyone except me. I didn't check "authentical user" in "Roles that may use this flag", still every authentical user has access to this flag.
What can be wrong?
Thanks in advance.
Comment #2
quicksketchLooks like a necessary change to me. I think we were supposed to fix this in #521804: Make 'Roles that may use this flag' not required., but only the 2.x version actually got fixed.
Comment #3
tim.plunketts/array_keys/array_values
The keys are just indexes, what we're looking for are the values.
Comment #4
tim.plunkettOh, I think I patched against 6.x-2.x, but the issue is applicable to both.
Comment #5
mooffie commentedYou're most probably wrong. It's the *keys* (of $account->roles) that hold the meaningful numeric IDs. The *values* are the string names of the roles and are useless for us.
Comment #6
mooffie commentedYes, it looks so.
I've committed this to 1.x as well.
http://drupal.org/cvs?commit=489744
But we're going to have a problem now: users will complain that their flag links no longer appear. Really, I don't understand why this wasn't documented in the UI. Uuuuff. I'll handle this now.
Comment #7
mooffie commentedI've reverted the patch.
http://drupal.org/cvs?commit=489752
Because this might hamper us in our efforts to implement #471212: No content types checked: allow all.
Comment #8
quicksketchI think mooffie is correct in #5. If so, is there anything left to fix here?
I'll close this issue out for the time being, let's try to get 2.x out (for real this time), and these 1.x issues won't make a difference anyway.