To reproduce:

(1) new drupal 7 site with views
(2) create a new view with UID as a contextual filter, and a block
(3) add "User: edit link" as a field
(4) put block in the sidebar

Now, when we are admin, we can see "edit link" for any user

However, when an authenticated user logs in to his or her own user page, and sees the "edit" tab (therefore has the permission to view the edit link for his/her own account), the edit link no longer appears. Because the user has the permission to edit that account, i would expect to see the edit link in the view.

Comments

mjpa’s picture

mjpa CreditAttribution: mjpa commented

The views user edit link needs the 'access user profiles' permission as well for some unknown reason - see http://cgit.drupalcode.org/views/tree/modules/user/views_handler_field_u...

thirdender’s picture

thirdender CreditAttribution: thirdender commented

Is this the correct logic? I just ran into this again today. It seems like maybe user_edit_access should be used instead.

morbiD’s picture

morbiD CreditAttribution: morbiD commented

+1 to @thirdender's suggestion.

Why on earth would an edit link check the user's view access rather than their edit access?

Edit:

Actually, user_edit_access() can't be used in this case; the access() function is called before the view is executed so we're not yet checking access for any specific views row.

However, since views_handler_field_user_link_edit extends views_handler_field_user_link, I think all we need to do is add an override for the access() function in views_handler_field_user_link_edit so that it always returns TRUE. Then row-level access checks will be able to correctly determine the link visibility.

Or is that a bad idea for some reason I haven't thought of?