diff --git a/lib/WebGUI/Asset/Shortcut.pm b/lib/WebGUI/Asset/Shortcut.pm index 71ee37b05..e8af8cf52 100644 --- a/lib/WebGUI/Asset/Shortcut.pm +++ b/lib/WebGUI/Asset/Shortcut.pm @@ -216,7 +216,6 @@ sub canManage { } #------------------------------------------------------------------- - =head2 discernUserId This utility method is used to determine if the user should be shown the view of the @@ -225,8 +224,8 @@ Shortcut that the Visitor would see, or their own. =cut sub discernUserId { - my $self = shift; - return ($self->canManage && $self->session->isAdminOn) ? '1' : $self->session->user->userId; + my $self = shift; + return ($self->canManage && $self->session->form->get('visitor')) ? '1' : $self->session->user->userId; } #------------------------------------------------------------------- @@ -481,7 +480,7 @@ admin mode is on. sub _overridesCacheTag { my $self = shift; #cache by userId, assetId of this shortcut, and whether adminMode is on or not. - return join "", "shortcutOverrides", $self->getId, $self->session->user->userId, $self->session->isAdminOn; + return join "", "shortcutOverrides", $self->getId, $self->session->user->userId; } #------------------------------------------------------------------- @@ -995,13 +994,18 @@ sub www_getUserPrefsForm { action => $self->getUrl, extras => 'onsubmit="submitForm(this,\''.$self->getId.'\',\''.$self->getUrl.'\');return false;"', ); - my $allowedToSave = ( ! $session->isAdminOn && $self->getParent->canPersonalize ) - || ( $session->isAdminOn && $session->user->isInGroup($session->setting->get('groupIdAdminUser')) ); + # Admins are allowed to edit visitor's preferences + my $editingVisitor = $session->form->get('visitor') eq 1; + my $allowedToSave = ( ! $editingVisitor && $self->getParent->canPersonalize ) + || ( $editingVisitor && $session->user->isInGroup($session->setting->get('groupIdAdminUser')) ); if ($allowedToSave) { $f->addField( "hidden", name => 'func', value => 'saveUserPrefs' ); + if ( $editingVisitor ) { + $f->addField( "hidden", name => 'visitor', value => 1 ); + } } my $u = WebGUI::User->new($session, $self->discernUserId); FIELD: foreach my $fieldId (@fielden) { @@ -1093,13 +1097,14 @@ the form would allow someone who is not a User Admin to alter Visitor's profile. sub www_saveUserPrefs { my $self = shift; my $session = $self->session; + my $editingVisitor = $session->form->get('visitor') eq 1; return '' unless $self->getParent->canPersonalize - || ( $session->isAdminOn && $session->user->isInGroup($session->setting->get('groupIdAdminUser')) ); + || ( $editingVisitor && $session->user->isInGroup($session->setting->get('groupIdAdminUser')) ); my @fellowFields = $self->getPrefFieldsToShow; my %data = (); $self->uncacheOverrides; my $i18n = WebGUI::International->new($session); - my $u = WebGUI::User->new($session, $self->discernUserId); + my $u = $editingVisitor ? WebGUI::User->new( $session, '1' ) : $session->user; foreach my $fieldId ($session->form->param) { my $field = WebGUI::ProfileField->new($session,$fieldId); next unless $field; diff --git a/t/Asset/Shortcut/forms.t b/t/Asset/Shortcut/forms.t index 906f0d4e7..c2fd1d985 100644 --- a/t/Asset/Shortcut/forms.t +++ b/t/Asset/Shortcut/forms.t @@ -52,6 +52,14 @@ $mech->submit_form_ok( { } ); is( $mech->session->user->get('alias'), "myself", "alias gets set" ); +# Admin is allowed to edit visitor's prefs +$mech->get_ok( $shortcut->getUrl( 'func=getUserPrefsForm;visitor=1' ) ); +$mech->submit_form_ok( { + fields => { alias => "visitor" }, +} ); +isnt( $mech->session->user->get('alias'), "visitor", "admin alias doesn't get set" ); +is( WebGUI::User->new( $mech->session, '1' )->get('alias'), 'visitor', 'visitors alias set' ); + #---------------------------------------------------------------------------- # editOverrides @@ -62,7 +70,6 @@ $mech->session->user({ userId => 3 }); # Make sure edit form has a link to edit the override $mech->get_ok( $shortcut->getUrl( 'func=edit' ) ); -diag( $mech->content ); $mech->follow_link_ok( { url_regex => qr/func=editOverride;fieldName=title/ }, "Follow the link to edit the override",