Http:BL doesn't allow a user with admin-permissions to access Config page ( /admin/config/people/httpbl ) and requires the original admin user (with which the Drupal was installed).

A user with full admin-permissions can't see Http:bl menu ( in /admin/config/people/ and wherever else) nor can he access the Http:bl config page directly ( "Access denied. You are not authorized to access this page.").

Everything works fine if I switch to the original admin user.

Comments

bryrock’s picture

bryrock commented
Assigned: Unassigned » bryrock

Investigating.

bryrock’s picture

bryrock commented
Version: 7.x-1.0-rc1 » 7.x-1.0-rc2
Status: Active » Needs review

Access callback has been fixed to properly check user access permissions. Any role assigned with permission to administer http:BL is now be able to do so.

This fix will be included in 7.x-1.0-rc2 just as soon as it rolls out.

mikkovedru’s picture

mikkovedru commented

Upgraded to 7.x-1.0-rc2. Unfortunately the problem is still there.

bryrock’s picture

bryrock commented

Did you clear the site's cache after applying the update? Always a good idea.

I was able to reproduce this bug on two production sites when it was initially reported, before the update. After applying the update to both sites the Http:BL config page can now be accessed by any user role that has that permission attributed to it (though I certainly would not recommend assigning it to any roles besides the administrator role).

mikkovedru’s picture

mikkovedru commented

You were correct. It was old cache issue. Thanks!

bryrock’s picture

bryrock commented
Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

bryrock’s picture

bryrock commented
Version: 7.x-1.0-rc2 » 7.x-1.0-rc4
Status: Closed (fixed) » Needs review

Oops! Due to a git error I re-introduced this bug in rc3. It has been re-fixed in rc4, and needs review.

mikkovedru’s picture

mikkovedru commented
Status: Needs review » Closed (fixed)

Works for me.