Hi,
Users of my site are grouped in admins and non-admins.
I was wondering why non-admins would not be allowed to views documents
which are stored in the doc manager,
although related rights have been granted in the group settings.
docmanager.php reads:
if(... $_SESSION['OBJ_user']->allow_access("documents", "view_document"))
..... allow viewing.
mod/users/class/users.php reads:
function allow_access($mod_title, $subright=NULL){
if ($this->isDeity())
return TRUE;
if ($this->admin_switch)
if ($this->checkUserPermission($mod_title, $subright, TRUE))
return TRUE;
return FALSE;
}
This tells me that, no matter which rights are granted, users do never
have access to actions unless their admin flag is set. If this is a bug,
I could easily go and fix it (by commenting "if ($this->admin_switch)"?)
But as the latest version still includes this function in the same way,
I find it hard to believe that a bug like this would be able to survive
for a notable time.
- what am I missing....?
Thanks for any advice
Ulf
|
