Closed clement8888 closed 5 years ago
defnitely sounds like a bug - I wonder if only adding this line
if a permission check passes would fix
Nope that's not the right place - that's a backend edit link on the layout editor. Try #20
Thanks, the patch works and access control is now enforced. However, there is a curious Edit icon that now appears on the role that is not suppose to Edit above the Key Relationship Blocks, and it is not clickable. This does not appear on Admin role. I attach a screenshot here.
I've submitted a core patch for that. We can also patch this extension but the core patch will ensure other extensions don't fall in the same trap.
cool
hello,
I have an account which is only set to view all records in CIVICRM and is able to edit the Relationship Block nonetheless. This happens when all other blocks in the Record Summary are not editable. Would this be a bug ? Thanks.
CIVICRM 5.10.4 WordPress 5.0.1 Relationship Block 1.3