Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi, we check if have access to update rather than to delete.
if (!commerce_customer_profile_access('update', $profile)) {
Regards!
Comment | File | Size | Author |
---|---|---|---|
Fix_commerce_customer_handler_field_customer_profile_link_delete-Commerce_Customer.patch | 850 bytes | facine | |
Comments
Comment #1
facine CreditAttribution: facine commentedUpdate status!
Comment #2
rszrama CreditAttribution: rszrama commentedI'm going to update the access checks in all of our delete link Views field handlers, but from a functionality standpoint, there actually is no bug here. The function that ultimately gets called treats "edit" and "delete" the same, since we don't separate out delete permission from update permission. For that matter, it would've worked fine if the access check was for "carrot", which is pretty silly. Fortunately, I just updated an old issue to become a feature request to resolve this in 2.x. ; )
Comment #3
rszrama CreditAttribution: rszrama commentedTurns out it was just customer profiles and orders. Thanks for the fix!
Commit: http://drupalcode.org/project/commerce.git/commitdiff/02a3a5c
Comment #6
rszrama CreditAttribution: rszrama commented