Unnecessary use of access administration pages permission

Created on 30 October 2020, almost 5 years ago
Updated 25 August 2025, 8 days ago

Problem/Motivation

The Opigno Learning Path module uses an overly generic system permission to control access to some of its features, which could create security issues when trying to keep users' actions under control.

Steps to reproduce

As a user who should be able to manage the learning path groups, try to show the score pop-up by clicking the arrow among the modules on the modules admin page, or access one of the following URLs:

  • /admin/config/opigno
  • /admin/config/opigno/learning-path-settings

Proposed resolution

Create a specific permission to grant access to those pages, and use the current 'manage group content in any group' permission to control the route 'opigno_learning_path.entities.get_activities_conditional'.

🐛 Bug report
Status

Needs review

Version

1.0

Component

Code

Created by

🇪🇸Spain pakmanlh Barcelona

  • Security

    It is used for security vulnerabilities which do not need a security advisory. For example, security issues in projects which do not have security advisory coverage, or forward-porting a change already disclosed in a security advisory. See Drupal’s security advisory policy for details. Be careful publicly disclosing security vulnerabilities! Use the “Report a security vulnerability” link in the project page’s sidebar. See how to report a security issue for details.
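
The proposed resolution, sketched as Drupal configuration (an added example, not the module's own code or a committed patch). The permission name `administer opigno learning path settings`, the two `example.*` route names and the `<module>` file prefix are hypothetical; the paths, the `opigno_learning_path.entities.get_activities_conditional` route name and the two existing permissions come from the issue.

```yaml
# File: <module>.permissions.yml
# New, narrowly scoped permission (hypothetical machine name).
administer opigno learning path settings:
  title: 'Administer Opigno Learning Path settings'
  description: 'Access the Opigno configuration pages under /admin/config/opigno.'
  restrict access: true   # shows the "security implications" warning in the UI

# File: <module>.routing.yml
# Only the access requirement changes; path and defaults stay as they are
# in the module (defaults are not shown on the page and are omitted here).

# Before (both settings routes and the activities route):
#   requirements:
#     _permission: 'access administration pages'

# After: the settings pages require the dedicated permission.
example.opigno_config:                      # hypothetical route name
  path: '/admin/config/opigno'
  requirements:
    _permission: 'administer opigno learning path settings'

example.learning_path_settings:             # hypothetical route name
  path: '/admin/config/opigno/learning-path-settings'
  requirements:
    _permission: 'administer opigno learning path settings'

# After: the score pop-up route is tied to the group-management permission
# that learning path managers already hold.
opigno_learning_path.entities.get_activities_conditional:
  # path: unchanged (not shown on the page)
  requirements:
    _permission: 'manage group content in any group'
```

After a change like this, a role that holds only 'access administration pages' should get a 403 on both settings URLs, and a learning path manager without that permission should still be able to open the score pop-up.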
