Project

General

Profile

Actions
Copy link

Bug #3000

closed

J2.5: CB User List access only checking one ACL group

Bug #3000: J2.5: CB User List access only checking one ACL group

Added by nant about 14 years ago. Updated almost 14 years ago.

Status:
Closed
Priority:
Immediate
Assignee:
beat
Target version:
CB 1.8
Start date:
26 November 2011
Due date:
26 November 2011
% Done:

100%

Estimated time:
2:00 h

Description

Test scenario replicated as follows:

REG-1 and REG-2 groups are created under Registered group in J173
create a REG-1 only viewable CB User Lists and a REG-2 only viewable CB User List
user1 in REG-1 can view CB List REG-1 and cannot view CB User List REG-2
user2 in REG-2 can view CB List REG-2 and cannot view CB User List REG-1
user12 in REG-1 and REG-2 can only view CB List REG-2 (note that REG-2 group is after REG-1 in Joomla ACL list)

Beat mentioned that issue is on line 54 of cb.lists.php

Files

Download all files
3000.patch (1.26 KB) 3000.patch krileon, 29 November 2011 15:49
cb.lists.php (20.3 KB) cb.lists.php krileon, 29 November 2011 15:49

Related issues 1 (0 open1 closed)

Follows CB - Bug #3038: J2.5: get_user_permission not checking full access treeClosedbeat25 November 2011

Actions
Actions
Copy link

Also available in: PDF Atom