Hi,
thanks for your help.
I think you found a bug in Visforms.
You can fix it with 2 code changes yourself.
I will add these changes to the core and they will be part of the next Visforms release, too. But as this bug is part of Visforms since I added the edit data feature for the administration and nobody ever found the bug before, I think there are not so many people using ACL to restrict data edit in administration. Releasing an update needs proper testing of all aspects and therefore some time and work. And many people are not so happy about too frequent software updates at all, so I will not release a new Visforms version which contains just this a bug fix but will wait until there are other code changes (from new features or other bugs) as well.
In order to fix it your self please find the file administrator/components/com_visforms/views/visdata/tmpl/default.php
(Make a copy of the original file as a backup, if something goes wrong).
Find the following code line in this file (about line 169)
Code:
$canEdit = $user->authorise('core.edit.data', 'com_visforms.visform.'.$row->id);
Replace it with
Code:
$canEdit = $user->authorise('core.edit.data', 'com_visforms.visform.'.JFactory::getApplication()->input->getInt( 'fid', -1 ));
Find the file administrator/components/com_visforms/controller/visdata.php
(Make a copy of the original file as a backup, if something goes wrong).
Find the following code passage
Code:
protected function allowEdit($data = array(), $key = 'id')
{
// Initialise variables.
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
$user = JFactory::getUser();
$userId = $user->get('id');
// Check general edit permission first.
if ($user->authorise('core.edit.data', 'com_visforms.visform.' . $recordId))
{
return true;
}
return false;
}
Replace it with
Code:
protected function allowEdit($data = array(), $key = 'id')
{
// Initialise variables.
$fid = JFactory::getApplication()->input->getIntr('fid', 0);
$user = JFactory::getUser();
$userId = $user->get('id');
// Check general edit permission first.
if ($user->authorise('core.edit.data', 'com_visforms.visform.' . $fid))
{
return true;
}
return false;
}
The permissions of data edit in administration should work then with your settings as expected.
Regards,
Aicha