Users should NOT always be able to access their own edit page

i would consider a patch that adds a new 'access own edit page' permission to the module, if it was well implemented. i have no interest in writing this myself.

i will not accept this patch as written. userprotect is focused on editing prevention, throwing in view protections feels more like it solves your issue, and not a module issue... ;)

if you re-roll with only the feature that was originally discussed, then i will reconsider.

getting closer. unfortunately, this needs an upgrade path. installing a new permission will make it such that all current roles on the site would not have it, which would create the opposite behavior of what we have now -- not acceptable.

so you'll need to include an update function that loops through all current roles on the site and enables that permission for them, and you'll need to adjust the installation code to enable it as well. the existing install code should give you some good hints on how to handle these.

not quite:

• up_edit was only always FALSE for user's editing their own account. if you do that, you'll clobber the site's settings for user admins
• i'd prefer if you explicitly enabled the permission for all roles. it's totally possible for a user to not have the authenticated role (a la logintoboggan's pre-auth feature), so this needs to be set for all roles to behave consistently
• you should be using core's user_role_grant_permissions() or similar instead of querying the database directly.

well, good work thus far, hopefully somebody else will pick up the torch. now you can see why being a volunteer module maintainer can be so demanding!

I believe that I also have the same use case as johnv. I would also like to use IP Login which maps IP numbers onto a user account and allows login to that account from a specified listing of IP numbers. The user account needs to be protected so that users from the IP numbers cannot edit (or even see may be ideal) the user account info. The use case here is giving an entire university community transparent access based upon the IP number, but only allow an administrator access to the account.

johnv, how are you accomplishing what you need? are you using the original patch you provided?

Here is an updated version on this patch to work on the latest version of user protect module.

Thanks for the patch, I needed this for a project I'm working on.

I have changed a few lines in the install file + added an extra user_access check to userprotect_user_edit_access.

Maybe it's getting even closer now. ;)

A re-roll of the patch in #16. Also renamed the permission from "edit own user account" to "edit own account".

Committed #17.