[#10546] - [com_menus] menus view: solves some bugs in new acl
- Fixed in Code Base
- 31 May 2016
- Medium
- Build: staging
- # 10546
- Diff
- andrepereiradasilva:patch-16
- Success continuous-integration/travis-ci/pr The Travis CI build passed Details
- Success JTracker/HumanTestResults Human Test Results: 3 Successful 0 Failed. Details
User tests: Successful: Unsuccessful:
Summary of Changes
Some ACL in the menus list view aren't working quite right:
- If the user can't edit a particular menu type it should not have a link to it.
- Also if a user can't view the menu "Access Administration Interface" for a particular menu it shouldn't have links in the count buttons.
- Also if a user can't edit the menu "Edit" for a particular menu it shouldn't have the options to edit inside the edit screen.
This PR solves this issues.
Before
After
Testing Instructions
Create a user groups "testgroup" (child of "Administrator" user group)
Go to Menus -> Manager, edit a particular menu and set the "testgroup" group to have no permission (Denied) in "Edit" and "Access Administration Interface"
Create a user "testuser" and add it only to "testgroup"
Open a new private browser window and login to backend with "testuser".
Go to menu Menus -> Manage
-
You can see the user can view the edit link for the menu type (and if you click on it, it can edit the menu type) and also has a link in the published/unpublished/trashed count.
It shouldn't since you removed those permission in "2."
Apply patch. Repeat step 6. all good.
@bembelimen @infograf768 please test
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Category | ⇒ | ACL |
@brianteeman @roland-d
This needs tests
@Cybernary @JoomliC
Please test. Let's get rid of these errors in Menus->Manage
I have tested this item
I can confirm the issue
After applying the patch the published link is disabled but the menu type is still enabled - see screenshots
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10546.
Sorry my fault. I set delete to denied and not edit
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10546.
| Status | Pending | ⇒ | Ready to Commit |
| Labels |
Added:
?
|
||
| Milestone |
Added: |
||
I have tested this item
We are still having some issues. When I go to Menus and edit a menutype and set the Access Administration Interface to Denied and the Edit to Denied after saving the changes I see the settings still set to Inherited but now with a Not Allowed Lock behind them.
After logging in as the testuser all menus are no longer clickable, not just the menutype I altered.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10546.
| Status | Ready to Commit | ⇒ | Information Required |
| Labels | |||
Taking off RTC as this requires more investigation.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10546.
| Labels |
Removed:
?
|
||
@andrepereiradasilva I do not mean these 2 issues. Have a look at this screenshot. I am logged in as the testuser and have set the Deny permission on the aboutjoomla menu type only. This is after applying this patch, before applying I always have the edit links.
ok, will look at it tomorrow. thanks for the test.
I have tested this item
After using a newly installed website I am able to see the testuser sees all links as editable. After setting the edit and access to denied for a specific menu type the user can no longer edit that menutype.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10546.
| Status | Information Required | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-05-31 07:34:26 |
| Closed_By | ⇒ | roland-d |
Thanks everybody
I have tested this item✅ successfully on 2f8b74b
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10546.