Details
-
Type:
Bug
-
Status: In Progress
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 4.7.19
-
Fix Version/s: None
-
Component/s: CiviCRM API
-
Labels:
-
Versioning Impact:Patch (backwards-compatible bug fixes)
-
Documentation Required?:None
-
Funding Source:Needs Funding
-
Verified?:Yes
Description
Additional permissions are now required to register for an event via api. To get this to work, I had to add the permission, `Access CiviCRM`. I had done this after trial and error when I saw that the helper text for this permission states, "Access CiviCRM Backend and API". Previously, I was always fine with just having the API specific permissions allowed, as well as the Register for Events and View Event Info permissions.
The previous version of CiviCRM that I was running was 4.7.13, and this all worked fine without the `Access CiviCRM` permission.
I don't believe this permission should be required as we don't want backend access of CiviCRM exposed publicly.
Attachments
Issue Links
- supplements
-
-
- Done/Fixed
-