Staff can see custom navigation menu group editor

bug
1

It appears that all staff seem to have access to the editor for custom global menu sections, although if anyone but admin tries to save changes, a permission error is generated. Only admins should be able to see the pencil editor buttons and access the custom menu sections modals (not all staff). Also, only admins should see the globe icon that indicates a public menu section. Mods can see both the globe and pencil icons.

Repro: (first two screenshots in safe mode)

  1. Make a custom global menu section with admin account (or with a moderator staff account!)
  2. Log in with a Moderator account and see globe and pencil icons in global menu section

staff_edit_menu
staff_edit_menu958×513 107 KB

  1. Try to edit the custom section and make a change and click save button.

staff_edit_menu_2
staff_edit_menu_2944×723 70.9 KB

Permissions settings for moderator (non-admin staff) used in screenshots above.

mod_permission
mod_permission958×649 71.8 KB

4 Likes
2

The first step can also be “create a new custom section with a staff, non-admin account”. The behavior is the same.

I can repro the issue. The checkbox shouldn’t appear is we don’t have the right to change a section globally. :slight_smile:

4 Likes
3

oh I didn’t even try that part doh! Thanks for pointing that out. I will add to OP.

1 Like
6

Thanks for the report @Lilly! The UI did indeed not reflect the fact that a moderator cannot create, edit, or delete a public category. This has been solved in the fix below:

8 Likes
7

Nice work @ted! thanks for the response and fix :slight_smile:

4 Likes