-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[3.0.x.x] Extension Uninstallers not removing access/modify rights #13584
Comments
I see what you mean. Ideally the remove would need to be added to each extension type's uninstall. Some extension types add more than one path. opencart/upload/admin/controller/extension/extension/analytics.php Lines 23 to 28 in de1c968
|
@ADDCreative : I think you are right. Perhaps it might be good to create a new function in the admin/model/user/user_group.php, like this:
and then use it in the relevant uninstalls in the admin/controller/extension/extension/*.php files. |
@mhcwebdesign Yes, something like that would do the job. Looking at the extra 'Compatibility' routes add by each install in admin/controller/extension/extension/. I can't see what they are for. If you goto the User Groups in the admin and save they seem to get removed. |
I have now merged some bugfixes for this to the 3.0.x.x branch, see #13602 |
An extension's uninstall method doesn't currently remove its access rights.
For example, when uninstalling an extension/module/filter via the admin backend's uninstall at Extensions > Extensions > Modules > Filter Uninstall it still keeps the access rights, and next time it gets installed at Extensions > Extensions > Modules > Filter Install, it just adds its access/modify rights another time. Hence the DB table oc_user_group gets multiple entries for 'extension/module/filter' for the 'access' and 'modify' in the json field oc_user_group.permission.
Proposed remedy:
In system/config/admin.php add an event handler for the 'controller/extension/*/uninstall/after' trigger:
And this new event handler would do something like this:
Any thoughts or feedback on this?
The text was updated successfully, but these errors were encountered: