-
Notifications
You must be signed in to change notification settings - Fork 8
Open
Description
In er_form_alter() (in form_logic.inc file) I noticed the call to the function er_check_edit_permissions():
ERCore/includes/form_logic.inc
Lines 36 to 54 in 206230a
| function er_check_edit_permissions(&$form){ | |
| // d($form, 'form in er_check_edit_permissions'); | |
| // drupal_set_message('in er_check_edit_permissions'); | |
| if (isset($form['nid'])){ | |
| if ($form['nid']['#value'] != NULL){ | |
| // They're NOT creating a new node (we dont want to deny access if they're simply creating a new node, obviously) | |
| $node = new stdClass; | |
| if (isset($form['#node']->field_er_user_entity_reference)) | |
| $node->field_er_user_entity_reference = $form['#node']->field_er_user_entity_reference; | |
| if (isset($form['uid']['#value'])) $node->uid = $form['uid']['#value']; | |
| if (!isUserRefCreatedAdmin($node)){ | |
| // they're not supposed to be in the edit page here | |
| drupal_set_message('Sorry, only those referenced in the content "' . | |
| $form['#node']->title . '" (' . $form['#node']->nid . ') ' . 'may edit it.', 'warning'); | |
| drupal_access_denied(); | |
| } | |
| } | |
| } | |
| } |
From the comments, it seems to attempt to give edit permissions to the node creator, site admins, and anyone referenced in the field field_er_user_entity_reference. But it doesn't seem to be working?
Here's an example: I created this presentation on the dev site under my account and tagged Daisy Duck as a presenter (field_er_user_entity_reference field). But when I masquerade as Daisy, I get access denied:
http://dev-ercore.nmepscor.net/content/testing-edit-permissions
http://dev-ercore.nmepscor.net/node/194/edit
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels