Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-9335

Relationships tab doesn't respect ACLs

          Details

          • Type: Bug
          • Status: Done/Fixed
          • Priority: Major
          • Resolution: Duplicate
          • Affects Version/s: 4.0.7, 4.4.14, 4.6.4
          • Fix Version/s: 4.7
          • Component/s: Core CiviCRM
          • Labels:
            None
          • Documentation Required?:
            None
          • Funding Source:
            Needs Funding

            Description

            See http://forum.civicrm.org/index.php/topic,22007.0.html

            • When viewing the Relationships tab on contact summary, all related contacts are shown, regardless of whether the user is permitted by ACL rules or hooks to see them.

            Patch attached, needs much more testing and vetting for general sanity - see comments at http://forum.civicrm.org/index.php/topic,22007.msg94889.html#msg94889 .

              Attachments

                Issue Links

                is duplicated by

                Bug - A problem which impairs or prevents the functions of the product. CRM-16711 Security breach of data: contact details accessible via relationships

                • Major - Major loss of function.
                • Done/Fixed

                  Activity

                    People

                    • Assignee:
                      colemanw Coleman Watts
                      Reporter:
                      davej Dave Jenkins
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      1 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: