Drupal Association members fund grants that make connections all over the world.
I have 'View user profiles' permission unchecked for non-authenticated role and for anonymous role. User with non-authenticated role can still see other user profiles.
please try the attached patch to see if it resolves the issue. be sure to run update.php before testing, as this change involves changing a hook, so we need to make sure the implements cache is cleared.
let me know what happens...
fyi this bug was introduced because of a change in the workflow from 6.x to 7.x of when hook_init() is called.
The patch resolved the issue. User with non-authenticated role and 'View user profiles' permission unchecked can't see other user profiles now.
committed to 7.x-1.x-dev. since this is a critical bug, a new release will follow shortly.
Automatically closed -- issue fixed for 2 weeks with no activity.
Drupal is a registered trademark of Dries Buytaert.