I have recently set up an eZP 4.2 site where users are suppose to edit
their own profile (ie. their user-class object).
The permissions given are:
user selfedit /No limitations/
notification use /No limitations/
user password /No limitations/
and, of course, user/login
Now, this does not seem to work - even though the selfedit policy is ok,
when I navigate the user/edit, and post using the correct action, I am
redirected to something like: http://esadam.local/content/edit/2011/f,
with an access denied error.
Looking into the policy system, I presume that a permission on either
create or edit is necessary for the module to let me in - before further
checking is carried out.
I tested adding some random editing policy - such as
content edit Class( Template look ) , Section( Setup ) , Owner( Self
)
and it works!
Now, I do not want the users to be able to edit anything except
themselves - what is the best recommendation in this case for an 'empty'
content/edit policy?
Besides, this seems so weird. Is it supposed to work like this or are
there better known configs?
Bye
Gaetano
--
Gaetano Giunta
eZ Systems
7 Cité de l'ameublement, 75011 Paris
paris : +33 (0)4 78 37 01 33
mobile : +33 (0)6 71 38 78 21
skype : gaetano.giunta
http://twitter.com/gggeek
--
Sdk-public mailing list
[email protected]
http://lists.ez.no/mailman/listinfo/sdk-public
