I've run into a problem with permissions, and before I call it a
bug I'd like to understand better how this is *supposed* to work.
Unfortuntely, I can't find any docs on this stuff. I'm working with
ACS Classic, but I thought that since most of the porters seem to
hang out in this bboard someone might have found something
that could help clear this up.
The situation is this:
The code does a permission check like this:
ad_require_permission $user_id permission_needed
I go to /permissions, find the link for the module, and grant the
proper permission to the proper user (suffering with all the
drop-down nonsense alraedy discussed).
User still doesn't have permission.
I go back to /permissions, find the link for the user, and do the
same grant again.
Now the user has permission. And I am terminally confused as
to why this should be.
A grep for ad_require_permission shows that it's usually called
on the object_id, which I believe would have worked after my first
grant, but sometimes it's called with user_id, group_id,
category_id, etc, each of which (I believe) is going to require a
grant to the particular id being checked, *from* that id's
permission page.
I thnk that this inconsistency is going to drive people bonkers...
unless I'm missing something?