If you don't give the "Member" rôle the "View individual group members" permissions, an user joining a group directly get an access denied because they can't see their own membership. Having the "Edit own membership" permission doesn't help.
Currently own operation group content access is checked incorrectly. To be consistent with default group content access handler.
We can handle it in the single point in preSave method.
Always allow an user to view its own membership.
Patch, Review, Commit
No more access denied after joining a group.
None.
None.
| Comment | File | Size | Author |
|---|---|---|---|
| #2 | group-see-own-membership-2774729-2.patch | 800 bytes | duaelfr |
Show commandsStart within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
changes
Comments
Comment #2
duaelfrComment #3
kristiaanvandeneyndeHmm, I'll look into this.
They shouldn't need view access in order to be able to edit their membership. Theoretically, they could get to the edit page if we were to provide a "Group operation" (the block with actions) that says "Edit membership info".
Perhaps we could split this up into "view any" and "view own", although I don't see the use case for that.
Comment #4
lobsterr commentedComment #6
lobsterr commentedAs we discussed, I set owner group content entity (user)
I think we also missing a permission to view any group membership. It was also added.
if everything is fins with this approach, I can introduce it also for 2.0 and 3.0 versions