Radio buttons on posts pending approval are viewable to non-admods #242

etjossem opened this Issue Jun 12, 2012 · 4 comments

2 participants


I'm having a fairly significant set of authorization issues with my unmoderated posts, along the same lines as #220. On all posts pending approval:

1) Anonymous users can see the moderation_tools radio buttons (though access is denied if they try to use them).
2) The user who wrote the post can see the (access denied) radio buttons, not just the message explaining moderation.
3) All registered users can see the author under Last Post in the forem index.

Just so we're on the same page, my Gemfile says gem 'forem', :git => "git://", :branch => "master" and I've recently run an update. All appears to be normal for admins and mods.

@radar radar closed this in 179c875 Jun 18, 2012

I believe this to be fixed now with @179c875. Please let us know if you have any more trouble.


2) is still an issue. Users can see the radio buttons on their own unapproved posts, even if they are not an admin, as follows. User "Bob-O Smith-O" is not an admin.

Screencap of issue

Ideally, he should only see a "pending approval" message.


I can move this to a separate issue if you like, seeing as you already fixed (1) and (3).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment