Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
views_handler_field_user_link_edit extends views_handler_field_user_link but checks against 'access user profiles'. Which is the value for the 'View User Profiles' permission. The edit link could possibly show for someone with permissions to view profiles, but not actually edit them- resulting in an access denied.
This patch simply adds a permission check to views_handler_field_user_link_edit for the 'administer users' permission to correct the issue.
Comment | File | Size | Author |
---|---|---|---|
editlinkpermissionspatch.patch | 652 bytes | kazajhodo | |
Comments
Comment #1
dandaman CreditAttribution: dandaman commentedUnassigning it. Will try to review this if I have some time soon.
Comment #2
JaceRider CreditAttribution: JaceRider commented+1 for this patch
Comment #3
dawehnerOh yeah, this is indeed a problem.
There is no reason to remove proper documentation.
I'm wondering whether people use this field to display a link to edit your own profile. Based on this you would have to remove the access check and just return TRUE and add the required logic in the render_link function. There you could use user_edit_access
Comment #4
poiu CreditAttribution: poiu commentedThe workbench module uses (well, tries to use) this field to display a link to edit your own profile.