Details
-
Type:
Bug
-
Status: Done/Fixed
-
Priority:
Major
-
Resolution: Fixed/Completed
-
Affects Version/s: 2.1
-
Fix Version/s: 2.2.0
-
Component/s: Core CiviCRM
-
Labels:None
Description
A subscription page to any mailing list can be accessed with /civicrm/mailing/subscribe?reset=1&gid=X regardless of the Mailing list or Visibility setting.
Groups that have Visibility = User and User Admin should not provide a subscription page.
Groups that are set to Access control should not provide a subscription page. (pretty sure on this one, but maybe there's a good reason otherwise)
Desired behaviour is that when a group is addressed that does not have appropriate permissions, then a message saying "Sorry, unable to find a subscription" or something to that effect is shown.
To recreate on the demo server:
(See the Administrator sign-up page)
1a.. Visit http://drupal.demo.civicrm.org/civicrm/mailing/subscribe?reset=1&gid=1
1b.. Observe that the Administrator group appears when it shouldn't
2a.. Visit http://drupal.demo.civicrm.org/civicrm/mailing/subscribe?reset=1
2b. Note that when the subscription pages are specified without gid=, then the correctly filtered subset of groups appears.