- πΊπΈUnited States smustgrave
With D7 EOL and the D7 of this module unsupported going to close out. Thanks all!
The access check is mostly right:
if(!isset($account) || $account->uid==0 || $op!='update'
|| !isset ($node) || $account->uid == $node->uid
|| !user_permission('access node by reference', $account) ){
return NODE_ACCESS_IGNORE;
}
However, the last one is wrong. It should be user_access() not user_permission(). Like this:
if(!isset($account) || $account->uid==0 || $op!='update'
|| !isset ($node) || $account->uid == $node->uid
|| !user_access('access node by reference', $account) ){
return NODE_ACCESS_IGNORE;
}
Once that is changed, it should force that users have the access permission in order to use the module... as currently running, any authenticated user can use the module.
Thanks!
Closed: outdated
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
With D7 EOL and the D7 of this module unsupported going to close out. Thanks all!