Changed includes Add button regardless of rights
Bug #600442 reported by
Malcolm Fitzgerald
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Woda |
Fix Committed
|
Medium
|
Malcolm Fitzgerald |
Bug Description
WODA.pl 4.6.10
Text on the Changed page prompts user to add a new record using the button in the toolbar. Text and button is included regardless of rights. Clicking the Add button without rights generates an error report.
Suggest that we include a test for rights to ensure that these elements are not added to the page when Add is denied to the group.
I'll send through the changes that I make.
Related branches
lp:~xavier/woda/4.620
- Woda: Pending requested
- Diff: 0 lines
Changed in woda: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
assignee: | nobody → Malcolm Fitzgerald (malcolm-notyourhomework) |
Changed in woda: | |
status: | Confirmed → Fix Committed |
Changed in woda: | |
milestone: | none → merge-with-pro |
To post a comment you must log in.
Correction. The bug is in cgiStore, so it affects cgiChanged too.
I have used the code below. It replaces text near line 50 in cgiStore; near line 680 in cgiChanged and near line 5700 in woda-max.pl.
You will see that I have simple wrapped the text and button within a test for rights to add.
A more subtle issue is that I have changed the variable from a global $x to a my variable named $txt. I did this because the call to wbAllowed was trashing $x and the end result was that $WBB{rights} was being printed onscreen.
my $txt = <<EOM ; #UK url">$url< /a>.</p> </center>
<p>Thank you for contributing to $WBB{'dbTitle'}. Your edits were saved at URL <p>
<center><p><a class="BUTTON" href="$
<p>
This information may be useful to locate the record for editing or updating.
You may wish to <tt>[bookmark]</tt> it.
<p>
EOM
if ( &wbAllowed( $Group, 'Add' ) ) {
$txt .= '<p>To add a record, click on the add icon in the toolbar.</p>'; #UK
}
$y = "Success!"; #UK
print &formatWindow( $y, $txt );
if ( &wbAllowed( $Group, 'Add' ) ) { add.gif" alt="$t" title="$t"></a>
$t = "Add another record"; #UK
push( @Toolbar, <<EOM);
<a href="$SCRIPT/Add">
<img $ICONPAR src="$ICONURL/
EOM
}