Open aturling opened 6 years ago
I just tested this on my test site here in RI and I confirm, it behaves the same way that you described.
I tried to test this on dev-ercore.nmepscor.net site, but I don't think I have the correct permissions to masquerade on dev-ercore.nmepscor.net site, because when I go to Daisy Ducks profile page and click the link "Masquerade as daisyd" it logs me out.
On 03/08/2018 06:30 PM, Amy Walsh wrote:
In er_form_alter() (in form_logic.inc file) I noticed the call to the function er_check_edit_permissions():
From the comments, it seems to attempt to give edit permissions to the node creator, site admins, and anyone referenced in the field field_er_user_entity_reference. But it doesn't seem to be working?
Here's an example: I created this presentation on the dev site under my account and tagged Daisy Duck as a presenter (field_er_user_entity_reference field). But when I masquerade as Daisy, I get access denied:
http://dev-ercore.nmepscor.net/content/testing-edit-permissions http://dev-ercore.nmepscor.net/node/194/edit
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/EPSCoR/ERCore/issues/71, or mute the thread https://github.com/notifications/unsubscribe-auth/AH7MkltaxQW05Vc0lmJc6b8TA_vSoO1qks5tcb74gaJpZM4SjhCO.
Maybe dev-ercore.nmepscor.net site doesn't let me masquerade as Daisy because Daisy's status is set to "blocked"? I don't know..
On 03/08/2018 06:30 PM, Amy Walsh wrote:
In er_form_alter() (in form_logic.inc file) I noticed the call to the function er_check_edit_permissions():
From the comments, it seems to attempt to give edit permissions to the node creator, site admins, and anyone referenced in the field field_er_user_entity_reference. But it doesn't seem to be working?
Here's an example: I created this presentation on the dev site under my account and tagged Daisy Duck as a presenter (field_er_user_entity_reference field). But when I masquerade as Daisy, I get access denied:
http://dev-ercore.nmepscor.net/content/testing-edit-permissions http://dev-ercore.nmepscor.net/node/194/edit
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/EPSCoR/ERCore/issues/71, or mute the thread https://github.com/notifications/unsubscribe-auth/AH7MkltaxQW05Vc0lmJc6b8TA_vSoO1qks5tcb74gaJpZM4SjhCO.
Yes, as Kia pointed out, Daisy's status as "blocked" denied access to masquerade. I changed the status back to "Active", and masquerade now works.
Sorry that was a bad example, I didn't see that Daisy was blocked. Now that Daisy is unblocked she's still not granted edit permissions to the content she was tagged in. Is that a desired feature for ER Core? (the ability to edit content you entered yourself or you were tagged in?)
Yes, you can only edit what you have entered. Unless, you are an administrator or admin staff (you or Emily).
In er_form_alter() (in form_logic.inc file) I noticed the call to the function er_check_edit_permissions():
https://github.com/EPSCoR/ERCore/blob/206230ac4b4f00460d7e694ae802bacf975d91d5/includes/form_logic.inc#L36-L54
From the comments, it seems to attempt to give edit permissions to the node creator, site admins, and anyone referenced in the field field_er_user_entity_reference. But it doesn't seem to be working?
Here's an example: I created this presentation on the dev site under my account and tagged Daisy Duck as a presenter (field_er_user_entity_reference field). But when I masquerade as Daisy, I get access denied:
http://dev-ercore.nmepscor.net/content/testing-edit-permissions http://dev-ercore.nmepscor.net/node/194/edit