Project

General

Profile

Actions
Copy link

Feature #19450

closed

More flexible editpanel permission

Added by Ralf Hettinger about 16 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2008-10-12
Due date:
% Done:

0%

Estimated time:
PHP Version:
4.3
Tags:
Complexity:
Sprint Focus:

Description

The permission check for rendering/using an editpanel in the frontend for logged in backend users depends on the BE user's permissions for the current TSFE->id only.

This may lead to non editable records in FE for logged in BE users, although they actually would have the permission to edit those records in the backend.
Which is I think a major drawback for FE editing.

That is typically (but not only) the case for FE plugins with their records being stored in a sysfolder, which shall be editable for some BE user but who is restricted by permissions to edit the page where the records are eventually outputted in FE.

The attached patch introduces a new parameter for cObject EDITPANEL and stdWrap property editPanel named
permissionCheckOnPid = [int | keyword 'pid']
for checking this editpanel's usability/permissions based on a given pid (if an integer) or a record's pid field (if keyword 'pid')

(issue imported from #M9539)

Files

Download all files
9539.patch (1.14 KB) 9539.patch Administrator Admin, 2008-10-12 16:52
9539_trunk_4.3.patch (1.14 KB) 9539_trunk_4.3.patch Administrator Admin, 2008-11-01 15:24
9539_trunk_4.3_sysext-fe_edit.patch (1.23 KB) 9539_trunk_4.3_sysext-fe_edit.patch Administrator Admin, 2008-11-11 12:14
Actions
Copy link

Also available in: Atom PDF