Tweet
If a user belongs to a role that does not permit them to create records of a custom module, the record create button is still visible to them in list view and in the record view subpanels of a different but related module.
This is the list view of the custom entity:
This is the subpanel of a related module, you can see the + button on the right:
This is what is shown when you open permissions view of the user:
Steps to reproduce:
1. Create new entity via entity manager
2. Create role that does not allow create-access to that entity
3. Assign a non-admin user this role
4. E.g. in list views and record views of related modules you can see create buttons. A click opens the create view and the user will only see 403 error after clicking save.
Thank you for looking into this!
This is the list view of the custom entity:
This is the subpanel of a related module, you can see the + button on the right:
This is what is shown when you open permissions view of the user:
Steps to reproduce:
1. Create new entity via entity manager
2. Create role that does not allow create-access to that entity
3. Assign a non-admin user this role
4. E.g. in list views and record views of related modules you can see create buttons. A click opens the create view and the user will only see 403 error after clicking save.
Thank you for looking into this!
Attached Files
Comment