niklaka
commented
10 years ago At first it looked like we don't. But it turns out the fix itself is easy, just finding it required reading wire/core/PageFinder.php minutely which took some time.
Looking for "check_access=0" was only a partial solution as also "include=all" AND option "findAll" (the latter may be present without the selector counterpart!) trigger skipping access checks when using template based access control.
A commit with the fix follows.
Looks like we're really getting somewhere with this :).
Probably all other admin pages too. Now when UserGroups is enabled you need to add check_access=0 if you want to find $users for example. That is not in line how PW works without UserGroups.
Do we have easy way to fix that?