[FIXED] Wrong permission check?

More
10 years 2 months ago #49270 by ggppdk
Replied by ggppdk on topic Wrong permission check?
Hello

please give detailed instructions about steps to follow for replicating the problem,

i have not managed to replicate the issue


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...

Please Log in or Create an account to join the conversation.

More
10 years 2 months ago #49319 by jrodgar
Replied by jrodgar on topic Wrong permission check?
User "Redactor" with create, edit and edit own permissions on CategoryA. No component permissions
User "Revisor", inherit "Redactor" permissions and add "Edit state" and "Edit state own" permissions on CategoryA. No component permissions


Redactor create article inside CategoryA
Revisor can´t publish article from inside the item form (he can from item list!)

You can also see the code I told and check the variable values

Unless otherwise indicated:
Joomla 3.8.1
Flexicontent 3.2.1.7

Please Log in or Create an account to join the conversation.

More
10 years 2 months ago #49351 by ggppdk
Replied by ggppdk on topic Wrong permission check?
Hello

Revisor can´t publish article from inside the item form (he can from item list!)


i see, will test this

PS: can add the ACL privilege (component)
"Can request Approval for any item"

so if you
1. give the above privilege to your revisor

2. and also the ACL privilege (component)
Items (Frontend Content Lists): ignore view state

3. create a menu item to point to multi-category view (do not select any category) or to category view and also show
- State filter
- Category filter

this will make better frontend for your revisors ?


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...

Please Log in or Create an account to join the conversation.

More
10 years 2 months ago #49367 by jrodgar
Replied by jrodgar on topic Wrong permission check?
We have some flexicontent deploys but none of them use heavily a frontend edition, but I think I understand what you want to get, that way the editor could change between the categories he can access and request approval for whatever he wants

Unless otherwise indicated:
Joomla 3.8.1
Flexicontent 3.2.1.7

Please Log in or Create an account to join the conversation.

More
10 years 2 months ago #49480 by jrodgar
Replied by jrodgar on topic Wrong permission check?
Anyway, the original bug is still on 1955. I have it hotfixed on local in the way I explain below, but I´m not sure if there is something I´m not taking into account

jrodgar wrote: Ok, here is the deal

code.google.com/p/flexicontent/ ... m.php#1288

That check is giving me problems, looks like is not checking properly that is empty when an object is being passed (see this stackoverflow.com/questions/9412 ... pty-in-php )

In my case, the problem appeared when a user, that have edit state permissions on the category item, tries to save the change state from "pending approval" to "published"


So the stack would be

items.php:save()

parentclassitem.php:getForm()( code.google.com/p/flexicontent/ ... em.php#971 )

parentclassitem.php:canEditState()


For example, when I change the problematic line ( code.google.com/p/flexicontent/ ... m.php#1288 ) with

tmpItem = (array)$item;
if ( empty($item) || empty($tmpItem))


It saves correctly (it seems correctly)



What do you think?

By the way:
PHP 5.4.31
Flexicontent 2.2.0 r1910
Joomla 3.2.4


Unless otherwise indicated:
Joomla 3.8.1
Flexicontent 3.2.1.7

Please Log in or Create an account to join the conversation.

More
10 years 2 months ago #49565 by jrodgar
Replied by jrodgar on topic Wrong permission check?
Not fixed on 1967

Unless otherwise indicated:
Joomla 3.8.1
Flexicontent 3.2.1.7

Please Log in or Create an account to join the conversation.

Moderators: vistamediajoomlacornerggppdk
Time to create page: 0.825 seconds
Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Essential
These cookies are needed to make the website work correctly. You can not disable them.
Display
Accept
Analytics
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline