SearchKit and permissions compatibility

[francescbassas]

I created a SearchKit with a Form as a mandates report. It's working well, but I can't get it to work for users without admin permissions. Results doesn't load. In console, I get this error:

Object { error_code: "1", error_message: "Sorry an error occurred and your request was not completed. (Error ID: ZNkY-qKms-MntU)", status: 403 }

I have checked that the user has CiviSEPA permissions. Only when I enable the "all CiviCRM permissions and ACLs" role permission, user can view the results.

[francescbassas]

@colemanw any idea what could be wrong?

[bjendres]

Thanks for reporting @francescbassas Which version were you using? CiviCRM and CiviSEPA?

[francescbassas]

I'm currently using Drupal 7, CiviCRM 5.72.3, CiviSEPA 1.10.0. It happens also in the CiviSEPA 1.9.2

[bjendres]

I'm currently using Drupal 7, CiviCRM 5.72.3, CiviSEPA 1.10.0. It happens also in the CiviSEPA 1.9.2

Could you try with the most recent one, 1.10.0?

[francescbassas]

What do you mean? Have I tried with version 1.10.0? It's the last one, isn't it?

[colemanw]

It looks like the Civi/Api4/SepaMandate.php file is missing a permissions() declaration, so it will use the default permission checks of "administer CiviCRM".

[francescbassas]

Thanks @colemanw!!! I tried this PR, and it fixes the issue: https://github.com/Project60/org.project60.sepa/pull/720

[bjendres]

What do you mean? Have I tried with version 1.10.0? It's the last one, isn't it?

Yes sure. I thought that it was fixed with that version, but you found another bug. Let me know if it works and I´ll release another version. Thanks for your support!

[bjendres]

Could you confirm it works with 1.11-alpha1

[bjendres]

can anyone confirm that this works?

[jensschuppe]

The PR has already been merged, so this ought to work with 1.11.0 now, as @francescbassas already confirmed in https://github.com/Project60/org.project60.sepa/issues/718#issuecomment-2133751034.

[bjendres]

Ok, thanks, updated the release data