Error in UserAction validateUpdate ?

  • Hi,

    I'm trying to update a user option through ajax.

    My code is:

    $proxy.setOption('data', {
    actionName: 'update',
    className: 'wcf\\data\\user\\UserAction',
    objectIDs: [ {@$__wcf->user->userID} ],
    parameters: { 'options': {
    {@$__wcf->user->getUserOptionID('myOption')} : myOptionValue }

    This throws PermissionDenied unless user has admin.user.canEditUser permissions.

    However UserAction.class.php implies that the user should be allowed to edit his own options outside of ACP:

    It seems to imply that it will allow "editing ourselves" but in practice the whole try..catch statement does absolutely nothing; it does some if's and some counting, but no matter what the result is PermissionDeniedException

    To do what the code implies and to seemingly have this make sense the final exception should be put in an else statement like this:

    Wouldn't you agree?