Last modified: 2014-02-12 23:38:34 UTC
If you have a form that has a field that is uses the restricted option, and a user triggers an autoedit of the page (either on the page via a button or using the API), if that user is not a member of the group that the restriction is for the edit will still be allowed, but the defaults of other restricted fields will change the fields back to their defaults. You can see the result of such an autoedit here: http://wikiapiary.com/w/index.php?title=Wikidata&diff=prev&oldid=28756 the form has been modified to move the restricted flags for now, but you can see the form as it was during that edit here http://wikiapiary.com/w/index.php?title=Form:Website&action=edit&oldid=28011 Ideally the initial edit should not be allowed, since the user is not a member of that restricted group. And the other restricted fields should not be reverting to their defaults. Here is the same behavior of fields reverting to defaults and the edit being allowed when it should not have, but this time resulting from a robot using the autoedit API. http://wikiapiary.com/w/index.php?title=Familienwortschatz&curid=13118&diff=28807&oldid=25748
The autoedit should now only act on the specified field. Restricting to user group needs to be done in SFFormPrinter::formHTML. Re-assigning to Yaron.
f.trott - can you clarify how SFFormPrinter::formHTML() needs to change?
formHTML generates the target page text from the form data and the form definition. In the process it needs to check if a field is restricted and if it is leave it unchanged.
