#4984 closed defect (bug) (fixed)
Admin authority not being respected for xprofile field visibility
Reported by: | ubernaut | Owned by: | boonebgorges |
---|---|---|---|
Milestone: | 1.9 | Priority: | high |
Severity: | normal | Version: | 1.7 |
Component: | Extended Profile | Keywords: | has-patch |
Cc: |
Description
so if the option "My Friends" is selected this setting overrides the admins ability to see it from the front end.
Attachments (2)
Change History (26)
#2
@
11 years ago
well admins should always be able to see any profile field regardless of the setting. it should not disallow me to see it because i'm not a friend.
#3
follow-up:
↓ 5
@
11 years ago
Thanks. I just didn't understand what the original report was about, but now I get it. Steps to reproduce (as I understand them):
- As a non-admin, set one of your profile fields to Friends Only
- As an admin, view the non-admin's profile
I haven't verified the bug report yet. Leaving in Awaiting Review until I or someone else has had a chance to run through it.
#4
@
11 years ago
yup that's it exactly. i'll get the hang of these trac reports one of these days! :D
#5
in reply to:
↑ 3
@
11 years ago
Replying to boonebgorges:
Thanks. I just didn't understand what the original report was about, but now I get it. Steps to reproduce (as I understand them):
- As a non-admin, set one of your profile fields to Friends Only
- As an admin, view the non-admin's profile
I haven't verified the bug report yet. Leaving in Awaiting Review until I or someone else has had a chance to run through it.
oh sorry one more thing probably obvious but just in case, i hadn't actually checked this but i'm thinking its safe to assume this only happens if the admin is not a friend.
#6
@
11 years ago
- Resolution set to worksforme
- Status changed from new to closed
Not able to duplicate this, regardless of the default visibility setting.
Closing as worksforme.
#7
@
11 years ago
this is not related to the default setting it is related to the actually selected (unless it is the default) setting of "my friends" i have confirmed this on two separate installs. with that setting enabled you cannot even view the field if you are editing the profile. if it helps i could make a screen capture showing the problem.
#10
@
11 years ago
both, first example is a real multisite (super admin), second is local install single site.
#12
in reply to:
↑ 11
@
11 years ago
Replying to ubernaut:
added a video to help illustrate the issue.
Ah. So it's when the admin is editing the other person's profile, not when viewing it?
Still not able to duplicate here. Possible it's related to that weird user switching plugin you're using?
#13
follow-up:
↓ 14
@
11 years ago
both actually and same results with only buddypress activated. it is sort of difficult to replicate without the user switching plugin since you have to log in and out so much but it's a great plugin, very handy for bp/multisite. happy to screenshare with you if you think that would help. I'm fairly certain this would happen on any install.
#14
in reply to:
↑ 13
@
11 years ago
Replying to ubernaut:
both actually and same results with only buddypress activated. it is sort of difficult to replicate without the user switching plugin since you have to log in and out so much but it's a great plugin
Use separate Chrome users: https://support.google.com/chrome/answer/2364824?hl=en
happy to screenshare with you if you think that would help. I'm fairly certain this would happen on any install.
Add me on Skype, and I'll show you it working correctly on my local. 'johnjamesjacoby'
#15
@
11 years ago
not on Skype but i just sent you an auth request on gtalk assuming the same handle.
#16
@
11 years ago
- Milestone changed from Awaiting Review to 1.8
Was able to duplicate now. The problem I had was the two accounts were already friends. Duh.
Working on a patch.
#18
@
11 years ago
- Component changed from Core to XProfile
- Keywords needs-patch added; reporter-feedback removed
- Milestone changed from 1.8 to 1.8.1
- Priority changed from normal to high
- Version set to 1.7
Haven't had time to address this in detail, so moving to 1.8.1 so as not to delay 1.8.
#20
@
11 years ago
- Keywords has-patch added; needs-patch removed
Hello,
Problem seemed to be that the array of hidden fields was partially set before bp_current_user_can('bp_moderate');
so regular user had array( 'friends', 'adminsonly') as expected
but admin got array('friends') instead of nothing, so in the patch i build the array of visibility after bp_current_user_can('bp_moderate') and it seems to solve the trouble.
in bp_xprofile_get_fields_by_visibility_level() i've also set $field_ids as an array as i've seen a notice.
#21
@
11 years ago
Thanks, imath. This logic looks pretty much correct. I'm going to make a more extensive fix, so that we can do better unit testing, and to make the bp_moderate stuff even clearer.
Could you give more details? What is "admin authority"?