Project

General

Profile

Actions

Bug #3038

closed

J2.5: get_user_permission not checking full access tree

Added by krileon over 13 years ago. Updated over 13 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Start date:
25 November 2011
Due date:
% Done:

100%

Estimated time:
6:00 h

Description

When for example the moderator group is set to Group A and the user is a member of Group A, Group B, and Group C (all child groups of Registered) the user can not edit other users profiles. If they however are just a member of Group A they can edit other users profiles. Seams the access check isn't doing a recursive check as done in get_groups_below_me to ensure a proper J1.7 ACL tree is given.

https://www.joomlapolis.com/forum/153-professional-member-support/183432-can-i-allow-moderators-to-edit-user-read-only-fiel?limit=6&start=6


Files

3038.patch (5.5 KB) 3038.patch krileon, 29 November 2011 22:35
cb.acl.php (26.9 KB) cb.acl.php krileon, 29 November 2011 22:35
3038-pt2.patch (5.18 KB) 3038-pt2.patch krileon, 01 February 2012 17:15
3038-pt2_rev1.patch (5.34 KB) 3038-pt2_rev1.patch krileon, 01 February 2012 17:47
3038-pt2_rev2.patch (6.16 KB) 3038-pt2_rev2.patch krileon, 01 February 2012 18:11
3038-pt2_rev3.patch (6.15 KB) 3038-pt2_rev3.patch krileon, 01 February 2012 18:14
3038-part2_rev4.patch (6.21 KB) 3038-part2_rev4.patch krileon, 01 February 2012 18:37
3038-pt2_rev5.patch (6.2 KB) 3038-pt2_rev5.patch krileon, 01 February 2012 20:04
3038-pt2_rev6.patch (6.22 KB) 3038-pt2_rev6.patch krileon, 01 February 2012 23:11
3038-pt2_rev7.patch (7.44 KB) 3038-pt2_rev7.patch krileon, 01 February 2012 23:47

Related issues 2 (0 open2 closed)

Precedes CB - Bug #3000: J2.5: CB User List access only checking one ACL groupClosedbeat26 November 201126 November 2011

Actions
Precedes CB - Bug #3044: allowaccess does not accept gid arraysClosedbeat29 November 2011

Actions
#2

Updated by krileon over 13 years ago

  • File 3038.patch added
  • Status changed from New to Resolved
  • Assignee set to beat
  • % Done changed from 0 to 100
#3

Updated by krileon over 13 years ago

  • File 3038.patch added
#4

Updated by krileon over 13 years ago

  • File deleted (3038.patch)
#5

Updated by krileon over 13 years ago

  • File cb.acl.php added
#6

Updated by krileon over 13 years ago

  • File deleted (3038.patch)
#7

Updated by krileon over 13 years ago

  • File deleted (cb.acl.php)
#8

Updated by krileon over 13 years ago

  • File 3038.patch added
  • File cb.acl.php added
#9

Updated by krileon over 13 years ago

  • Status changed from Resolved to Feedback
  • Assignee deleted (beat)
  • % Done changed from 100 to 80
#10

Updated by krileon over 13 years ago

  • File deleted (3038.patch)
#11

Updated by krileon over 13 years ago

  • File deleted (cb.acl.php)
#12

Updated by krileon over 13 years ago

  • File 3038.patch added
  • File cb.acl.php added
  • Subject changed from get_user_permission_task not checking full access tree to get_user_permission not checking full access tree
  • Status changed from Feedback to Resolved
  • Assignee set to beat
  • % Done changed from 80 to 100
#13

Updated by krileon over 13 years ago

  • File deleted (cb.acl.php)
#14

Updated by krileon over 13 years ago

  • File deleted (3038.patch)

Updated by krileon over 13 years ago

#16

Updated by krileon over 13 years ago

#17

Updated by krileon over 13 years ago

#21

Updated by krileon over 13 years ago

#24

Updated by beat over 13 years ago

  • Subject changed from get_user_permission not checking full access tree to J2.5: get_user_permission not checking full access tree
  • Status changed from Resolved to Closed
  • Target version set to CB 1.8
  • Estimated time set to 6:00 h
Actions

Also available in: Atom PDF