The module edit screen should be shown.
Error 403: You don't have permission to access this.
PHP 7.2
Tested with 4.0-beta3 and current 4.0-dev (a1990ff).
Reported by user LukasHH at https://forum.joomla.de/thread/12433-j4-beta-3-frontend-bearbeitung-module-führt-zu-403-fehler/. Confirmed by @ChristineWk and myself.
Not sure when this bug was introduced, but it worked in 3.x, and still works in staging.
Once defined as Allowed in the Options, an Administrator can edit modules in frontend.
For me, this doesn't work. I set it to "allowed" in the options of "Modules" (step 2 of the description above).
Does it work on your 4.0 site?
yep.
Issue confirmed:
php: Linux lamp10.cloudaccess.net 3.10.0-962.3.2.lve1.5.24.4.el6h.x86_64 #1 SMP Thu Nov 15 04:53:17 EST 2018 x86_64
dbserver: mysql
dbversion: 5.7.29-cll-lve
dbcollation: utf8_general_ci
dbconnectioncollation: utf8mb4_general_ci
dbconnectionencryption:
dbconnencryptsupported: true
phpversion: 7.3.21
server: Apache
sapi_name: cgi-fcgi
version: NightlyBuild - Joomla! 4.0.0-beta4-dev Development [ Mañana ] 29-July-2020 18:21 GMT
useragent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:80.0) Gecko/20100101 Firefox/80.0
But then, after clicking the icon
403 You don't have permission to access this. Please contact a website administrator if this is incorrect.
So, confirmed indeed
Please test modifying this line
to
if (!$this->app->getIdentity()->authorise('module.edit.frontend', 'com_modules.module.' . $mod->id))
I changed above line accordingly and it looks OK for menue modules.
Status | New | ⇒ | Confirmed |
@ChristineWk
yep. I had to resave global config to get a correct result on my test site.
Will do PR.
Status | Confirmed | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-09-14 07:46:33 |
Closed_By | ⇒ | infograf768 |
Reopening as PR does not work
Status | Closed | ⇒ | New |
Closed_Date | 2020-09-14 07:46:33 | ⇒ | |
Closed_By | infograf768 | ⇒ |
Status | New | ⇒ | Confirmed |
Status | Confirmed | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-09-27 10:06:04 |
Closed_By | ⇒ | alikon |
The default for anyone below superuser is "Not Allowed."
It's the same in 3.x
Once defined as Allowed in the Options, an Administrator can edit modules in frontend.