The code appears to be missing an implementation of the permission hook. This permission (administer block_edit) is then referenced to allow users to see the settings page. Currently only the super-user can see the settings page:

function block_edit_menu() {
  $items = array();

  $items['admin/settings/block_edit'] = array(
    'title' => 'Block edit',
    'description' => 'Settings for the block edit module.',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('block_edit_admin_settings'),
    'access arguments' => array('administer block_edit'),
    'file' => 'block_edit.admin.inc',
  );

  return $items;
}
CommentFileSizeAuthor
#6 block_edit.module.patch641 bytesjoelstein
#5 block_edit_missing_permission_hook.patch407 bytessoulfroys

Comments

philbar’s picture

philbar commented

There should also be a hook to prevent anonymous user from using Block Edit.

There is no point in having a "View" link on every item when they are already viewing the content. Not to mention it is a performance issue. Why should anonymous users load Block Edit's css, when they don't use it.

Anonymous’s picture

Anonymous (not verified) commented

Marked #718520: Better access as duplicate of this issue.

Anonymous’s picture

Anonymous (not verified) commented
Version: 6.x-1.10 » 6.x-1.x-dev
Status: Active » Fixed

Looks like this has been fixed in latest dev version: http://drupal.org/cvs?commit=335148
Re-open if not.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

soulfroys’s picture

soulfroys
Primary language Portuguese, Brazil
commented
Status: Closed (fixed) » Needs review
StatusFileSize
new block_edit_missing_permission_hook.patch407 bytes

My first patch !!! So difficult man...

Please, have I done right?

Tks!

joelstein’s picture

joelstein commented
Priority: Normal » Critical
StatusFileSize
new block_edit.module.patch641 bytes

Here's a revised version which puts the permissions in a more logical order. Plus, it removes the space in the "administer block edit" permission (that's the usual convention).

Marking as critical, since the admin settings page is unreachable without this permission.

Anonymous’s picture

Anonymous (not verified) commented
Status: Needs review » Reviewed & tested by the community

Works for me!

aharown07’s picture

aharown07 commented

Is the #6 patch in the dev version yet?

joelstein’s picture

joelstein commented

aharown07: It won't be in dev until the maintainer commits it.

aharown07’s picture

aharown07 commented

OK thx.
I am using the dev version now and it at least allows turning off visibility of the links per role.

joelstein’s picture

joelstein commented
Status: Reviewed & tested by the community » Fixed

This was added in #822664: Add "administer block_edit" permission.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.