FLEXIcontent v2.1.3, After frontend edit unexpected loss of ACL rights

More
9 years 5 months ago - 9 years 5 months ago #55337 by fjp
Hello,

We give a usergroup both edit- and publish-this-item-if-owned rights (Allowed) via manage permissions for an individual FC article (no extra fields). The user who owns this article and who is member of this usergroup can open the frontend edit form via the Edit item icon. After the article is edited, this user wants to apply the changes, but ends up with a 403 page, saying the user is not priviliged for the task. The save however was performed successfully, is visible on the frontend (e.g. in an other browser), only the rights of the article have suddenly been changed for his usergroup. The edit and publish this item if owned are back to their Inherited value of Not allowed.
In the frontend edit form the user can not see nor change the manage permissions information.
Could it be that this is the reason why the article permissions have changed while saving from the frontend, or do you have any other explanation or suggestion to give frontend users persistent rights to edit and publish their already owned FC articles?

Edit -- If I change the usergroup rights for the category the article is in, the edit/publish rights keep up, so this is probably my workaround, but I may have to introduce additional categories if I don't want all articles of a category to have the same rights.
Last edit: 9 years 5 months ago by ggppdk.

Please Log in or Create an account to join the conversation.

More
9 years 5 months ago - 9 years 5 months ago #55343 by ggppdk
Hello

Joomla and FC version ?

so you say that if a user is not allowed to edit the ITEM ACL rights,
the they are cleared instead of being maintained ?

- if you edit as super admin in frontend are the rights saved ?
- if you edit as super admin in frontend but rights are hidden, are they saved ?


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...
Last edit: 9 years 5 months ago by ggppdk.

Please Log in or Create an account to join the conversation.

More
9 years 5 months ago - 9 years 5 months ago #55344 by fjp
My versions are:
Joomla 3.3.6
FC 2.1.3 r1857
PHP 5.4.37

If I edit as superuser (with accessible rights) rights are saved/maintained correctly yes.
At the moment I can't find where I could limit the rights of the superuser to check that. Maybe you can point me in the right direction.

Could it be that I need to give usergroup item edit Form Use Version rights (in general FC settings), since I have versioning enabled?
Last edit: 9 years 5 months ago by ggppdk.

Please Log in or Create an account to join the conversation.

More
9 years 5 months ago - 9 years 5 months ago #55345 by micker
2.1.3 is too old for j3.X
i recommend to update to v3 series

FLEXIcontent is Free but involves a very big effort on our part.
Like the our support? (for a bug-free FC, despite being huge extension) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing reviews. Thanks![/size]
Last edit: 9 years 5 months ago by ggppdk.

Please Log in or Create an account to join the conversation.

More
9 years 5 months ago - 9 years 5 months ago #55351 by ggppdk
Hello

this was fixed in v2.2.x
please upgrade to v2.2.1 or to v3 BETA7g


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...
Last edit: 9 years 5 months ago by ggppdk.

Please Log in or Create an account to join the conversation.

More
9 years 5 months ago #55379 by fjp
I followed your advice to upgrade FC on a test environment, on same server, I'm now on v3 beta 7G (which by the way, after an initial Error 500, went smoothly the second time, while I was adding user.php.ini with a higher max_input_vars), but the situation is reproduced, this time with nicer error messages. I made a screenshot after saving the article (with save and preview button) from the frontend. It shows the article is saved (so I did have rights for that) but the next message says I cannot preview an article which I do not have edit rights for. I tried to attach the screenshot but got an internal server error on the FC forum site.

Please Log in or Create an account to join the conversation.

Moderators: vistamediajoomlacornerggppdk
Time to create page: 0.686 seconds
Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Essential
These cookies are needed to make the website work correctly. You can not disable them.
Display
Accept
Analytics
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline