Contrib.social

Access pdf links based on owner permission

Open on Drupal.org β†’
Created on 20 May 2024, about 1 month ago

Problem/Motivation

How can I prevent members from seeing a pdf link to another member's content?
Currently, any member with the "View PDF for...." permission can download this content via the entity pdf link, even if they do not have permission to view the content.
For example; any member with view permission can download other's invoice entities or any entity containing sensitive content such as invoices by changing the node IDs in the URL.

Any advice, please...Thanks.

πŸ’¬ Support request
Status

Active

Version

2.0

Component

Code

Created by

πŸ‡¬πŸ‡§United Kingdom jaydenpearly

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024