When anonymous users are provided URL edit/view links with access tokens (for later editing), they can't switch back and forth between the View and Edit tabs since those tabs do not inherit the access token query string in the URL, so they go from having access to 'Access Denied.'
Would it be feasible for this module to make that happen? Or is there another creative suggestion to workaround this inconvenience for visitors?
Default View link:
http://localhost/nexamp/node/3768/submission/130
Default Edit link:
http://localhost/nexamp/node/3768/submission/130/edit
Hoping something can automatically adjust those links and append the ?token=XXXXXXXXXXXXXXXXXXX as soon as either tab is access with a token.
Comment | File | Size | Author |
---|---|---|---|
Safari - www.acquia.com - CMS, Commerce, Community | Drupal | Acquia - Screen Shot June 30, 2015 at 1:23 PM.png | 17.98 KB | amaisano |
Comments
Comment #1
amaisano CreditAttribution: amaisano commentedComment #2
DanChadwick CreditAttribution: DanChadwick commentedI think you can accomplish this using something like the solution proposed in #1344902: Provide an optional destination parameter for local actions. I don't see webform customizing its menu tabs for this, but I'm happy to listening to additional discussion from others about the technical merits. If so, please re-open with discussion.
Comment #3
pbosmans CreditAttribution: pbosmans at UC Leuven-Limburg for UC Leuven-Limburg commentedI've tesame issue here.
My setup :
- Drupal 7
- In the webform permissions, anonymous users can edit/delete there own submissions.
- In the confirmation page (and mail) i use the access token :
<p>Go to your submission: <a href="/node/[node:nid]/submission/[submission:sid]?token=[submission:access-token]">Submission [submission:serial]</a></p>
This produce me a link to 'http://my.wwwdev.be/node/5354/submission/17262?token=af6fa8343c4e09e40ed...'
When the anonymous user use on this link, he can see his submission and in the admin-tabs there are three links.
'View' -> 'http://my.wwwdev.be/node/5354/submission/17262'
'edit' -> 'http://my.wwwdev.be/node/5354/submission/17262/edit'
'delete' -> 'http://my.wwwdev.be/node/5354/submission/17262/delete'
All three without the token. So when the anonymous users klicks on these link, he gets een 'access denied'.
If these links where appended with the token, the links will work for the anonymous users.
I can't get the provided solution (https://www.drupal.org/node/1344902) to work in drupal 7
Comment #4
pbosmans CreditAttribution: pbosmans at UC Leuven-Limburg for UC Leuven-Limburg commentedComment #5
pbosmans CreditAttribution: pbosmans at UC Leuven-Limburg for UC Leuven-Limburg commentedSorry to re-activate this issue.
I will close it again because i solved it in Drupal 7 with hook_menu_local_tasks_alter :
Comment #6
MingsongThanks @pbosmans,
I think your solution of using hook_menu_local_tasks_alter is the best.
Comment #7
carlovdb CreditAttribution: carlovdb commentedCode in #5 works.
Bur when you edit the submission by clicking the button "save". You get the message "Acces denied" because the save button does nog know the access token.. How can you solve this?
* EDIT *
By using the acces token in the destination, this is solved