Looks like the latest dev and beta have changed how access is handled and now return an array to quiz_take_access()
which is the access callback to node/%quiz_menu/take
. This access callback expect a boolean and therefor is always TRUE and will let anybody take the quiz regardless of permissions.
Consider reverting this logic build up or do some kind of boolean grab from the key'success' => TRUE
Comment | File | Size | Author |
---|---|---|---|
#11 | unintended_anonymous-2797513-11.patch | 3.48 KB | djdevin |
| |||
#8 | unintended_anonymous-2797513-8.patch | 3.21 KB | joelpittet |
| |||
#6 | unintended_anonymous-2797513-6.patch | 1.15 KB | djdevin |
#4 | 2797513-2.patch | 943 bytes | joelpittet |
#2 | 2797513-1.patch | 551 bytes | joelpittet |
Comments
Comment #2
joelpittetHere's a patch to resolve this, hope I took the right route?
Comment #4
joelpittetActually two problems,
If they don't have access 'success' should be
FALSE
, no?Comment #6
djdevinJust changed one of the calls, should fix the tests.
Comment #8
joelpittetThank you @djdevin for helping fix most of the test failures!
The test that failed needed a user with 'access quiz' permission and anonymous doesn't have that by default, so I logged in a user that does (as mentioned in comment).
Also added some extra tests to ensure the message that says they are blocked isn't showing by accident (consider it a regression test maybe?)
Comment #9
joelpittetComment #10
joelpittetSeems to be good now. Thoughts @djdevin?
Comment #11
djdevinLooks good, I just extended the check to /take as well to make sure that page is blocked as well.
Comment #12
djdevinThanks, fixed!