Guides Permissions Backdoor
Go To This Ticket's Page
Creator	tayluca
Public or Private	Public Private tickets are only accessible to you and to DKPSystem.com staff Public Tickets are visible to everyone)
Status	Closed
Type	Bug
Section of the Site	Other/Misc
Urgency	(0 votes)
Rating	(0 votes)
Description: On the guides section of the website. The permissions are correct in that the proper ranks are seeing what they are supposed to. However, you can still see the link titled "View Version History and Roll-Back Process" and when clicked, you can view previous information contained in the guide no matter what rank you are. I don't believe this should be allowed. Usually revisions contain the same information but minor changes to it. If we wanted everyone to see this information, we wouldn't bother setting a rank for it in the first place.
Official DKPSystem.com Comments This has been fixed.

This is by design and for ranks that don't have access to change the guides, they don't have access to roll back a change. It's merely a read-only way for users to view the version history.

--
It's all in the reflexes.

So, we have the choice to tell the system who we want to have "View" and "Edit" access but we can't tell it not to let those people have access to previous versions of it. Maybe I'm not understanding they way it's supposed to work or I didn't explain it better in my OP.

Example Guide
Things we can set in admin:
View Permissions: Class Leaders and Officers
Edit Permissions: Officers
Things that we can't set in admin:
Roll Back Versions View Permissions: EVERYONE

Do you see what I'm getting at? They may not be able to actually roll back the guide to another version but no matter their rank, whether they're logged on or not, everyone can SEE the previous versions.

This is working as intended?

I see what you're saying. The "View" permissions should be applied to the "Roll Back View" but currently aren't. That is a problem. Thanks for clarifying.

--
It's all in the reflexes.