Unfortunately, my ‘client’ user role, without edit or delete permissions, can still edit or delete the Change Request regardless of anything.

I have a feeling this may be connected with my Q6? This is because in the Websites section >> Change Requests, there is an option labelled ‘Linked Job’. For me, when I choose which job to link, and then save website (there does not seem to be any other save function for this particular process), the page does NOT reflect this selection upon reloading – certainly, the previously selected job from the list of jobs is not selected in the select field as expected – perhaps this settings data is not making it to the db?

I have a feeling this is close to the mark as the JS you have in place to prevent accidentally leaving the page after this setting/change is made works just fine – its presence indicates the importance of the setting?

I guess therefore that my user role can edit and delete, because the job isn’t actually linked to the change request? But still, permissions are not set to do those things, for the role.

In my testing with actions that can be taken by user role, I am using Chrome, and for admin work Firefox, to be sure there is not any issue with session cookies and user IDs on the same browser – just in case.

Hope this helps.

