Permission override from frontend

More
10 years 2 months ago #49043 by bytekultur
Hi, on a website with flexiContent, the client uses permissions on item levels, as in:
  • Global: all users of group "Authors" can edit their own
  • Global: users of group "Authors" can not edit the permissions, so the FC item frontend form adds a hidden field for the permissions named "rules" with a zero value
  • Specific item: Users of a subgroup of Authors can edit this item even if not their own

Problem is: when a user of that subgroup edits an item in the frontend, the permissions are overridden so he loses the right to edit by his own action. I tried removing that field, but the code in the background seems to override anyway.

In my opinion, if overriding a field is not allowed, it should also not be possible to delete the values, they should just stay untouched.

I solved the problem now with an html override for the item's frontend form in which I display the rules and hide them via css to still send the values, but this is obviously not the best solution... Did I miss a setting or what do you think about it?

Please Log in or Create an account to join the conversation.

More
10 years 2 months ago #49052 by ggppdk
Hello

the ACL permissions work like this:

if you explicilty deny "edit" in any parent category then the items in any sub-categories are not editable, this is the way that Joomla ACL is implemented,

so what you describle is the normal / expected behaviour (that is if i understood you correctly) ??

to be able to allow editing of sub-categories, set your top parent category to "not-set" that is soft-deny that can be overriden, reads Joomla ACL docs for more information


-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the FLEXIcontent JED listing with a 5-star...

Please Log in or Create an account to join the conversation.

Moderators: vistamediajoomlacornerggppdk
Time to create page: 0.353 seconds
Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Essential
These cookies are needed to make the website work correctly. You can not disable them.
Display
Accept
Analytics
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline