|
Thursday 04 March 2004 12:57:52 pm
Hi, Some of the users of my site have reported some strange behaviour related to access control. I've created a class called "Web site to be monitored" where users can store web sites which will be monitored by a script in an extension. After creating the class, I appended the following rules to the guest account role:
content create Class(Web site to be monitored)
content edit Class(Web site to be monitored) , Owner( Self )
content read Class(Web site to be monitored) , Owner( Self )
content remove Class(Web site to be monitored) , Owner( Self ) This should make sure that users can only view, edit and delete their own monitored web sites. I then use a fetch() function in a template to fetch a list of all the web sites currently monitored. The strange behaviour is that some users have reported that the web sites of other users are appearing in this list when they're logged in. However, when they visit the printerfriendly version of the list, their own web sites appear. Also, when I create a guest account at my end through the same interface, only the web sites created by myself appear in my list. Does this make any sense to anyone. What could I be missing? Thanks in advance ! Sincerely, Eirik Johansen
Sincerely,
Eirik Alfstad Johansen
http://www.netmaking.no/
|