Download & Extend
Previous/Next API » Issues

User with limited permissions can access Previous/Next config

Posted by jmesam on October 28, 2010 at 12:21am
Project:Previous/Next API
Version:6.x-1.x-dev
Component:Code
Category:bug report
Priority:normal
Assigned:Unassigned
Status:active

Issue Summary

Does Previous/Next API control the access to the module settings page?
User that has permissions to access admin area also can access and modify Previous/Next API settings page.

Thank you in advance

Login or register to post comments

Comments

#1

Posted by yooh on December 11, 2010 at 7:11am

I am using 6.x-1.x-dev (prev_next.info,v 1.1.2.1)

Modify prev_next.module in sites/all/module/prev_next

Replace

<?php
/**
* Implementation of hook_menu().
*/
function prev_next_menu() {
  $items['admin/settings/prev_next'] = array(
    'title'            => 'Prev/Next',
    'description'      => 'Prev/Next API for nodes',
    'page callback'    => 'drupal_get_form',
    'page arguments'   => array('prev_next_admin'),
    'access arguments' => array('access administration pages'),
  );
  $items['admin/settings/prev_next/general'] = array(
    'title' => 'General',
    'weight' => 0,
    'type' => MENU_DEFAULT_LOCAL_TASK,
  );

  $items['admin/settings/prev_next/re-index'] = array(
    'type'             => MENU_CALLBACK,
    'title'            => 'Prev/Next reset',
    'page callback'    => 'drupal_get_form',
    'page arguments'   => array('prev_next_reindex_confirm'),
    'access arguments' => array('access administration pages'),
  );

  return $items;
}
?>

By

<?php
/**
* Implementation of hook_menu().
*/
function prev_next_menu() {
  $items['admin/settings/prev_next'] = array(
    'title'            => 'Prev/Next',
    'description'      => 'Prev/Next API for nodes',
    'page callback'    => 'drupal_get_form',
    'page arguments'   => array('prev_next_admin'),
    'access arguments' => array('administer prev_next'),
  );
  $items['admin/settings/prev_next/general'] = array(
    'title' => 'General',
    'weight' => 0,
    'type' => MENU_DEFAULT_LOCAL_TASK,
  );

  $items['admin/settings/prev_next/re-index'] = array(
    'type'             => MENU_CALLBACK,
    'title'            => 'Prev/Next reset',
    'page callback'    => 'drupal_get_form',
    'page arguments'   => array('prev_next_reindex_confirm'),
    'access arguments' => array('administer prev_next'),
  );

  return $items;
}

/**
* Implementation of hook_perm().
*/
function prev_next_perm() {
  return array('administer prev_next');
}
?>

A new option in users/permissions is created.
It's work for me.

#2

Posted by aasarava on January 25, 2012 at 6:36pm

+1. Allowing administrators to restrict roles from the configuration settings of this module is an important addition. Fortunately it's a fairly simple tweak. Module maintainers, can you please add this in? Thanks for the handy module!