Details
-
Type:
Bug
-
Status: Done/Fixed
-
Priority:
Major
-
Resolution: Fixed/Completed
-
Affects Version/s: 1.5
-
Fix Version/s: 1.6
-
Component/s: None
-
Labels:None
Description
All users are shown a link to ">> View Contact Record" on the "My Account" page, regardless of whether or not they have permissions to view their own contact record.
If the user does not have permission to view their own contact (i.e. they are not assigned a role that has "View Contacts in ..." for a group that they are a member of) then they will get an error:
"This page is not redirecting properly" - the link is cyclic
If they do have permission to view their own record all is fine.
I could not test on the demo site as the demo user has full civicrm access and I couldn't create a new user.
This link should not be shown if a user does not have permission to view their own contact.