Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
A patch in #1817124: Disable showing "XML sitemap" fieldset on Taxonomy term edit page for users without 'administer xmlsitemap' permission revealed an issue with the xmlsitemap_link_bundle_access() function.
as mentioned in http://drupal.org/node/1817124#comment-6825434, xmlsitemap_link_bundle_access($bundle_info) ends up calling user_access('administer menus'). The issue is 'administer menus' is not a permission that exists, it should be 'administer menu' (without the s) instead. So the function is always returning false.
Comments
Comment #1
SKAUGHT'#access' => user_access('administer xmlsitemap') || user_access('use xmlsitemap') || xmlsitemap_link_bundle_access($bundle_info),
final condition checking xmlsitemap_link_bundle_access() is looking for 'administer content types' -- which is ridiculous here. shouldn't matter if use can build content types over allowing current node form to bypass item in xml render.
@context access per entity?