Taxonomy Access Control using node_access

Hi pyromanfo,

Just a few smaal things I learned on drupal.org. drupal developers use the -u flag when patching (unified), this makes the patches much better readable.
The other thing is the use of tgz. preferably patches are committed in plain text. That way its much easier to review. Another really minor thing is your use of tabs. In all drupal code two spaces, instead of tabs are used. I saw you have a couple of tabs and a couple of spaces.

But all in all I think this patch can be usefull indeed.

Thanks pyromanfo. I haven't looked at the patch yet. I just wanted to point out that I'm not going to include a permission scheme in the Drupal 4.5.0 distribution yet. It might be a good candidate for inclusion in Drupal 4.6.0 -- time will tell. In the mean time, this is best maintained in the contributions repository. I suggest you check with JonBob first.

"Dries, how do I contact JonBob? I can't send PMs and I can't find his email anywhere, even on his website."

The devel list (or maybe IRC) is my preferred mode of communication.

"Also, are these replies always supposed to show up on the mailing list? Or is setting it to postponed keeping that from happening?"

Only items set as "patch" get sent to the devel list. Many developers (like me) subscribe to e-mail notifications on all issue types, though.

I agree that this should be started as a contrib module. There is a term-based access module in my sandbox you could look at, if you haven't already. The thing it does not handle is removing terms from listings (like forum indices) if the user does not have view permissions for a term. Your patch doesn't appear to handles this yet either, but I have not yet had time to look at it thoroughly. That's the only issue I think could not be solved entirely by a contrib module.

I'm suggesting a .module file. Modules can inject pages anywhere in the menu structure, so there's nothing stopping you from adding a page at /admin/user/whatever for configuration.

I'm not sure what you mean by "patching the node view." Reread carefully what I wrote: I'm talking about removing *terms* from *term listings*, not *nodes* from *node listings*. The latter is already handled quite well.

Beautiful! I love it. just what I needed.

My only request now is to add an option to have perms per vocabulary. Maybe the best way to do this would be with some javascript. When you check a checkbox next to the vocab name, it automatically selects all checkboxes for all terms in that vocab. Maybe I'll see what I can come up with...

And what happened, did you ever get CVS access to make a new contribution? This should be put up there.

p.s. The taxonomy.module patch doesn't seem to work. It applies (not cleanly), but doesn't prevent taxonomy terms from being displayed.

p.p.s. Huge TIP for anyone out there trying to use this. You must reset the default node permission in "node_access" table in your database. It is by default set up to let anyone view any nodes (hence the '1' for 'grant_view' in the 'all' realm). That '1' needs to become a '0' in order for this module to work (IF you are setting up view permissions. If you are keeping view permissions for everyone, it doesn't matter. But if you set it to '0', you must add view permissions for every term and every role you want to have view permissions...)

reassigning to correct project.

That's not my experience, but I was using the older version posted here, with the taxonomy.module patch that didn't work. I'll try it all again with a fresh install and the new project you just uploaded to cvs.

Thanks again, this is a wonderful module. I was dreading writing this over the weekend, until I stumble across this thread... ;)

hey.
Today I have been looking into best way to create access control to 'groups'. I started with this module and will be looking more closely at the jonbob's node level access modules as well.

I installed this taxonomy mod and here are a few things I am noticing. It works, however:

- When user creates content, they are able to post into categories that they do not have permission to read/write/edit.
This is what appears when I post to a category that I do not have access to:

"Your forum topic was created."
"You are not authorized to access this page."

So, two things should be reviewed. One is to filter the list of categories to only display those that the user has access to and the other would be to block a user from adding content to a category that they do not have access to.

- This other issue may be something that the new block access module can handle.... but i don't think that users should see categories (that they have no access to) listed in category block or any other block that displays any data at all from a category that user does not have access to.

I am not suggesting that these issues should be resolved strictly within this module, but regardless, these are some thoughts and observations.

I also am trying to figure out how best to create groups/clubs in drupal so that members of such groups can have their own group nodes (forums, blog, files etc). Maybe i need to look at this from a sub-node perspective. Meaning, each node can have a sub-node that is meant to be binded to a specific category which is binded to a specific role. Or, maybe flexinode could use the function of adding content type nodes to specific roles. Still trying to conceptualize which is best approach... and I have read alot of drupal notes on all this stuff... including jonbob's latest work.

babble_out

howso?
i just used the patch from http://cvs.drupal.org/viewcvs/contributions/modules/taxonomy_access/taxo...
and here are results:
patching file taxonomy.module
Hunk #1 FAILED at 106.
Hunk #2 succeeded at 418 (offset -18 lines).
Hunk #3 succeeded at 433 (offset -18 lines).
Hunk #4 succeeded at 451 (offset -18 lines).
Hunk #5 succeeded at 470 (offset -18 lines).
Hunk #6 succeeded at 494 (offset -18 lines).
Hunk #7 succeeded at 514 (offset -18 lines).
Hunk #8 succeeded at 554 (offset -18 lines).
Hunk #9 succeeded at 594 (offset -18 lines).
Hunk #10 succeeded at 683 (offset -18 lines).
Hunk #11 succeeded at 730 (offset -18 lines).
Hunk #12 succeeded at 750 (offset -18 lines).
Hunk #13 succeeded at 918 (offset -18 lines).
1 out of 13 hunks FAILED -- saving rejects to file taxonomy.module.rej

Nothing seems to have changed... at least not that i can tell. I still can post into categories i do not have access to.
hunk 1 failed....

pyro-
i started a fresh cvs drupal install and again tried out this module (cvs version). maybe i should just wait for the merged updated version?

to be clear- the taxonomy.patch is only meant for 4.5 version of taxonomy.module or cvs?
will this taxonomy_access.module from cvs work with drupal cvs ?

right now, i am back to where the access control works except for when creating content as all categories are selectable to post into by users who should not have access.
I had problem with patching taxonomy.

thanks for any clarification.

sull