View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005735 | OXID eShop (all versions) | 1.05. Users | public | 2014-04-11 21:53 | 2018-01-29 14:11 |
| Reporter | gerldental | Assigned To | |||
| Priority | high | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | reopened | ||
| Product Version | 4.8.4 / 5.1.4 | ||||
| Fixed in Version | 6.0.1 | ||||
| Summary | 0005735: user role 'admin' dont't have rights to save banner-promotion | ||||
| Description | here is seems to be user-rights issue in backend. I have an user with admin-rights in main shop. As fulls rights for the promotions in 'admin roles' are on, it's impossible to save promotion (button inactive). I tried this in live-shop and in clean EE installation - with tha same effect. | ||||
| Steps To Reproduce | Make an user of type shop-admin. In 'Administer user -> admin roles' make all rights to 'Full', save and login to the shop with a new user name. Go to the Customer Info -> promotions and try to edit one of them. | ||||
| Tags | Admin | ||||
| Theme | Azure | ||||
| Browser | All | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
|
|
Reminder sent to: gerldental Hi, Thanks a lot for submitting this issue, but unfortunately we can not reproduce this issue. If there still is a problem, maybe you could send us more details about it? Could you please let us know if you still experience same problem on our demoshop http://demoshop.oxid-esales.com/EnEd ? We try reproduce with steps: 1. Make an user of type shop-admin. We created new user: For user right we set Admin(OXID eShop 5) Assigned User to "Shop Admin" group and save. 2. In 'Administer user -> admin roles' make all rights to 'Full', We go to "Administer user -> admin roles" Created new admin role and maked all rights to "Full" to this admin role Assigned new user 3. Then login to the shop with those new user 4. Go to the Customer Info -> promotions and try to edit one of them. And we can edit promotions Which step we do wrong? Best regards |
|
|
>Which step we do wrong? Sorry, it's taked some time to answer. I found the reason of this problem. For the first: it's happens only in multishop config: Only Mall-Admins can edit actions - not Shop Admins. The reason is this code in application/views/admin/tpl/actions_main.tpl: [{ if !$allowSharedEdit }] [{assign var="disableSharedEdit" value="readonly disabled"}] [{else}] [{assign var="disableSharedEdit" value=""}] [{/if}] there no "disableSharedEdit" template variable in source-code defined. I found only 'allowSharedEdit' ( in oxadminview.php, Z. 170 ) $this->_aViewData['allowSharedEdit'] = $myConfig->getConfigParam('blAllowSharedEdit'); and config variable "blAllowSharedEdit" defined in class oxutils, Z. 962 as //#1552T //So far this blAllowSharedEdit is Equal to blMallAdmin but in future to be solved over rights and roles $myConfig->setConfigParam('blAllowSharedEdit', true); also, it's setted to true but for Mall-Admins only! It has nothing to do with rights & roles, as i supposed at first. I think the code in application/views/admin/tpl/actions_main.tpl is obsolete und must be deleted... I just commented that out and all works fine now. |
|
|
The bug is already fixed and will be shipped with the next maintenance version. |
