eileenmcnaughton / org.wikimedia.relationshipblock


Allows Edit when only View permission is given #19

Closed clement8888 closed 5 years ago

clement8888 commented 5 years ago

Hello,

I have an account which is only set to view all records in CiviCRM and is able to edit the Relationship Block nonetheless. This happens when all other blocks in the Record Summary are not editable. Would this be a bug? Thanks.

CiviCRM 5.10.4, WordPress 5.0.1, Relationship Block 1.3

eileenmcnaughton commented 5 years ago

Definitely sounds like a bug - I wonder if only adding this line

https://github.com/eileenmcnaughton/org.wikimedia.relationshipblock/blob/master/relationshipblock.php#L198

if a permission check passes would fix

colemanw commented 5 years ago

Nope, that's not the right place - that's a backend edit link on the layout editor. Try #20

clement888 commented 5 years ago

Thanks, the patch works and access control is now enforced. However, there is a curious Edit icon that now appears on the role that is not supposed to edit above the Key Relationship Blocks, and it is not clickable. This does not appear on the Admin role. I attach a screenshot here.

colemanw commented 5 years ago

I've submitted a core patch for that. We can also patch this extension, but the core patch will ensure other extensions don't fall into the same trap.

eileenmcnaughton commented 5 years ago

cool