Hey,
When giving other users permissions to create a new calendar node (in this case, machine name of the content type is event), the permission checks are failing for adding new "events".
Here's the offending lines
fullcalendar_view.theme.inc
if (!empty($user) && $user->hasPermission("create $event_bundle_type " . strtolower($entity_type->getLabel()))) {
So $entity_type->getLabel()
is returning "Content".
Hence, the permission being checked against is "create event Content" when it should be "create event content"
Simiar permissions issue in CalendarEventController.php
if (!empty($user) && $user->hasPermission("create $type " . $entity_id)) {
I believe should be
if (!empty($user) && $user->hasPermission("create $type content")) {
Attached a patch.
Cheers.
Comment | File | Size | Author |
---|---|---|---|
#3 | fullcalendar_view-3018138-3.patch | 1.45 KB | Mingsong |
permissions-fix.patch | 1.23 KB | Andrew211 |
Comments
Comment #2
Andrew211 CreditAttribution: Andrew211 commentedComment #3
MingsongHi Andrew,
You are right, it is a bug indeed.
There is just a minor issue with your patch #2.
Since we have to deal with all entities other than node entity, we can't hardcode the permission name as "create $type content".
So upload a new patch that can deal with other entity type in theory.
Comment #4
MingsongComment #6
dimas2009 CreditAttribution: dimas2009 commentedHi Mingsong,
I faced another problem here. If a user has a language different from English (Russian in my case) then $entity_type->getLabel() is translated and thus access in not granted "create $type Содержимое"
Comment #7
jotwede CreditAttribution: jotwede commentedI had the same problem as dimas2009: if language settings is not "English" (in my case: it was German) then double click and "Add event"-link only worked for admins.
I'd suggest to replace the calls of
$getLabel()
by
$getGroup()
both in CalendarEventController.php and in fullcalendar_view.theme.inc.
getGroup()
gives the machine name back ... In this case thestrtolower
call won't be necessary.Comment #9
MingsongThanks all for testing.
I believe I fix it for all language with the latest dev version.
If you could test it with the latest dev version for me, that would be great.
Thanks again.
Comment #10
DamienMcKenna(marking the issue "fixed" per the normal issue workflow)