There are three possible privacy settings on a field :
- Public - visible to everyone.
- Hidden - visible to you, hidden from everyone else.
- Private - visible to you and your friends.
There are two permissions per field :
- edit privacy options for field field_name
- view private data for field field_name
Without explanation it seems evident that "view private data for field field_name" permission allow the user to see "Private" data and not "Hidden" data.
Making some tests and reading source code we can see that "view private data for field field_name" allow to view "Hidden" and "Private" data as well.
Let's fix it !
Comments
Comment #1
DuaelFrHere is the patch.
It creates a new "view hidden data for field *" permissions for each privaciable field
It also disallow users to see hidden data without this new permission.
This patch allow you to set a role the right to view Private or Hidden data or both.
Comment #2
DuaelFrComment #3
DuaelFrSame patch but with Unix style line ends...
Comment #4
DuaelFrThere is another patch, improved from the previous one.
It adds three permissions :
- view private data for all fields
- view hidden data for all fields
- edit privacy options for all fields
and uses it where needed.
Enjoy