Update permission is not checked when using <:control/> tag (but destroy permission is checked)
5 views
Skip to first unread message
Clarksta
Apr 23, 2009, 6:05:54 AM4/23/09
to Hobo Users
Hi,
I added the <controls:/> tag to a table to display edit and delete
buttons. The problem is that the edit button is displayed regardless
of the permissions of the user. (I tested by using false in all
permission methods)
It seems the update_permitted? method is not being called when using
the <controls:/> tag in a table (or table-plus)
When the edit button is clicked it shows a blank page so ultimately
editing is still being restricted but the edit link should not appear
in the table.
I found was the destroy_permitted? is being called correctly so the
delete button is displayed (or not) in the table as expected.
So have I done something wrong or misunderstood ?
If it is a problem should I raise a ticket ?
Thanks
Clarksta
I added the <controls:/> tag to a table to display edit and delete
buttons. The problem is that the edit button is displayed regardless
of the permissions of the user. (I tested by using false in all
permission methods)
It seems the update_permitted? method is not being called when using
the <controls:/> tag in a table (or table-plus)
When the edit button is clicked it shows a blank page so ultimately
editing is still being restricted but the edit link should not appear
in the table.
I found was the destroy_permitted? is being called correctly so the
delete button is displayed (or not) in the table as expected.
So have I done something wrong or misunderstood ?
If it is a problem should I raise a ticket ?
Thanks
Clarksta
Tom Locke
Apr 23, 2009, 6:26:01 AM4/23/09
to hobo...@googlegroups.com
Yep, definitely a bug. I just pushed a fix
Tom
Tom
Reply all
Reply to author
Forward
0 new messages