Bug: non-admin users w/ privs can seemingly move pages to the top of the hierarchy
Reported by dleffler | December 16th, 2011 @ 01:59 AM
Two (2) issues:
- In the menu hierarchy a non-admin user with 'manage' privilidges can seemingly move the page to the top of the menu hierarchy, but it's not saved (and shouldn't be). But probably shouldn't be a drag/drop target.
- In the page edit form, a non-admin user can select 'top of hierarchy' and place the page at the top. In most cases this will also move it out of the permission inheritance so that can't undo it if it was a mistake. Likely the drop-down should only be displayed for admins?
Comments and changes to this ticket
-
expNinja December 16th, 2011 @ 03:21 AM
(from [5fae39f66cd9494ee9910c52a6823fa4d1eadcf1]) Fixes some permissions issues with the page hierarchy menus/screens. The drop-down of available pages to select is now based on page 'manage' permissions, the internal/external menu links were switched, removed 'move_standalone' menu item/screen section for non-admin users [#434] https://github.com/exponentcms/exponent-cms/commit/5fae39f66cd9494e...
-
expNinja April 23rd, 2012 @ 01:51 PM
- State changed from “new” to “resolved”
- Assigned user changed from “expNinja” to “dleffler”
(from [6ecea3c238ad981c592b094bb06c7e085dedebd8]) Fixes drag/drop (false) indication that standard user could move page to top of hierarchy [#434 responsible:dleffler state:resolved] https://github.com/exponentcms/exponent-cms/commit/6ecea3c238ad981c...
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Bug Tracker for Exponent CMS
expNinja