Access rules

Hi all, I have a question relating to the editability of attributes on a page with 2 modules roles assign to the user. The first module role that the user is using has read/write access to all the attributes and the second module role only has read access to the attributes. Why will the user not be able to edit any fields with these roles combined? The editability on the attributes on the page is set to default.
3 answers

Does the surrounding dataview (and possibly listview) have editability set to yes? 

Do you have a specialization object where you have defined the access rules, but using (editing) the generalisation object in the dataview? 

PS: you should consider updating to at least 7.23.19 because of a security issue in your version. ( )


Hi Thomas,

Looks like there is something else in your case. I just tested this scenario:

  1. Created an Entity with three attributes
  2. Created two module roles User and Manager.
  3. Gave full read  write access to Manager on all the three attributes
  4. Gave only Read access to the User on the three attributes
  5. I assigned both the module roles, User and Manager role to the User Role “Administrator
  6. When I go in as Administrator, I can edit the field

The surrounding dataview have the editability set to yes. We are on 7.23.19 there is just no 7.23.19 option when posting a question. The access rules has been set up in the module security for the entity and associated entities.