For the Front end I have given list and read permissions to "Public" but then only "Super User" has create, delete and update permissions. That done however, anyone appears able to modify entries.
http://www.rosmini.school.nz/index.php/component/chronoconnectivity/StaffList
Not sure if this has anything to do with it but the body form my custom listing is:
http://www.rosmini.school.nz/index.php/component/chronoconnectivity/StaffList
Not sure if this has anything to do with it but the body form my custom listing is:
<tr>
<td>{title}</td>
<td><a href='index.php?option=com_chronoforms&chronoform=dd_view&surname={surname}' >{surname}</a></td>
<td>{subjects}</td>
<td>{management}</td>
</tr>
Looking at the generated code,
appears to generate
My guess is that "cc_edit_data" should rather be something like "cc_view_data" for everyone except super users.... just assuming :-)
index.php?option=com_chronoforms&chronoform=dd_view&surname={surname}
appears to generate
index.php/component/chronoconnectivity/StaffList/cc_edit_data/1
My guess is that "cc_edit_data" should rather be something like "cc_view_data" for everyone except super users.... just assuming :-)
After further tests, if I give public read permissions then they can also update (even if update is not set to public).
Hi rcadmin,
Is this still a problem? If you want to restrict the form then I'd add an Authenticator action there.
Bob
Is this still a problem? If you want to restrict the form then I'd add an Authenticator action there.
Bob
Hi yes that's what I will do in the end I was just interested as to why it might not work using the builtin permissions options. Thanks though, that will work.
Cheers :-)
Cheers :-)
This topic is locked and no more replies can be posted.