Closed (fixed)
Project:
Buddylist
Version:
master
Component:
Code
Priority:
Normal
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
31 Mar 2006 at 14:00 UTC
Updated:
23 Jul 2006 at 20:15 UTC
Jump to comment: Most recent file
anonymous users do not have access to the buddylist profiles, when they access is granted under access control "view buddy lists". subscribing to buddylist feed would be nice for anonymous users too.
| Comment | File | Size | Author |
|---|---|---|---|
| #7 | buddylist_access.patch | 10.72 KB | quicksketch |
| #6 | buddylist_3.module | 33.89 KB | quicksketch |
Comments
Comment #1
BoarK commentedThe buddylisting pages were originally designed to only show if the user is the owner of the buddylist or a site administrator. To make it behave the way you want, you have to dig into the code.
The two functions you should be looking at are buddylist_menu() and buddylist_buddylisting_page.
Regards,
Nathan.
Comment #2
kylehase commentedNathan,
I've been trying to do the same thing. I've played with the buddylist_buddylisting_page function but still can't get it to work right.
Here's what I have.
This is half working. I'm no longer getting the access denied page as anon but I'm getting 's buddylist I think I'm having a probelm catching the uid argument from the url.
As admin the following synax works http://example.com/buddylist/uid. This is of course using clean urls.
I may have to tweak it a little to check for the uid in the URL first and use that listing page else go to the user's own buddy list if no uid is given.
Thanks in advance,
Kyle
Comment #3
kylehase commentedSorry, just noticed something else. When admin is able to list the page, the syntax is http://example.com/buddylist/uid.
When anon user tries to access the page, the same url gives page not found but using http://example.com/buddylist/user/uid gives 's buddy list with no user name.
Comment #4
kylehase commentedSorry to keep posting but I also noticed this.
I created a block to spit out the actual php get array for troubleshooting.
the url http://example.com/buddylist/uid
gives
array(1) { ["q"]=> string(0) "" }as anon or normal user but givesarray(1) { ["q"]=> string(13) "buddylist/uid" }as admin. Is this a problem with my .htaccess setting?Comment #5
quicksketchThis issue makes a really good point. Right now all users can only view their own buddies, unless they have the privilege 'administer users', then they can view anyone's. It will make much more sense to let anyone who maintains their own buddy list to view their own buddy list (duh). Anyone with the 'view buddylists' privilege (including anonymous users) should be able to view any buddy list. This makes a lot more sense than being able to 'maintain' a buddy list, but not be able to view it, which is the only function of the view buddylist privilege right now.
I'm currently working on a patch to correct this strange behavior.
Comment #6
quicksketchHere's a module available for testing (the patch will follow). Please give this code a good testing, as will be necessary before posting to CVS. The behavior is now as follows:
I believe that summarizes the changes. All of the permissions were moved to the hook_menu function for simplicity.
Comment #7
quicksketchHere's the patch. Make sure to apply against the latest HEAD release.
Comment #8
quicksketchComment #9
kylehase commentedquicksketch,
It seems to be working so far. THANKS!!! Great work.
Comment #10
quicksketchThanks for the report Kyle. I've done extensive testing and the code functions as designed. I've committed to CVS, expect to see a sync with 4.7 branch soon.
Comment #11
(not verified) commented