Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-14171

Give configuration warning if Anonymous role is granted inappropriate permissions

          Details

          • Type: Improvement
          • Status: Done/Fixed
          • Priority: Major
          • Resolution: Fixed/Completed
          • Affects Version/s: 4.4.3
          • Fix Version/s: 4.5
          • Component/s: Core CiviCRM
          • Labels:
            None

            Description

            There is almost never a reason to grant 'access CiviEvent', 'access CiviContribute' (i.e. 'access $component') to the anonymous role. However some sites are configured this way due to confusion about permissions required to allow anonymous constituents to make contributions, register for events, etc.).

            We can help prevent mis-configurations by checking for unexpected assignment of component permissions to the anonymous role and warn the administrator.

            This task will require creation of a new System class which can query the host CMS for the CiviCRM permissions granted to a specific role.

              Attachments

                Issue Links

                is supplemented by

                Improvement - An improvement or enhancement to an existing feature or task. CRM-14702 Implement configuration warning for Joomla

                • Minor - Minor loss of function, or other problem where easy workaround is present.
                • Open

                  Activity

                    People

                    • Assignee:
                      generalredneck Allan Chappell
                      Reporter:
                      dgg David Greenberg
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      4 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: