Closed (cannot reproduce)
Project:
Taxonomy Access Control
Version:
6.x-1.3
Component:
Integration with other modules
Priority:
Normal
Category:
Support request
Assigned:
Unassigned
Reporter:
Created:
24 Feb 2011 at 21:46 UTC
Updated:
16 Jul 2011 at 13:43 UTC
Jump to comment: Most recent file
Comments
Comment #1
xjmCan you post screenshots of your authenticated user role TAC configuration, as well as any other roles these users might have? Set issue to "active" once you have this info.
Comment #2
xjmAlso, are you using core forums? AF?
Comment #3
xjmComment #4
CobraMP commentedI am using advanced forums.
In these screen shots I currently have authenticated denied again even though I don't believe that is necessary, only to grant to the moderator role should be, if I understand correctly.
anonymous, authenticated and moderator are the only 3 roles I have enabled for tac
Comment #5
CobraMP commentedoops forgot to set active
Comment #6
xjmEdit: I just tested using approximately the configuration in your screenshots, and I was unable to reproduce this behavior using either core forums or advanced forums. In both cases the restricted container I created is properly hidden. Can you confirm the following:
Some general troubleshooting to try:
admin/content/node-settings.Comment #7
xjmComment #8
xjmComment #9
CobraMP commentedTAC 6.x-1.3 -- drupal 6.16 -- advanced forum 6.x-1.1
other forum or access related modules:
Advanced User Management 6.x-2.3
Author Pane 6.x-1.1
Signatures for Forums 6.x-1.0
Taxonomy Other 6.x-1.1
attached authenticated view and mod view of forum. anonymous could not see it
troubleshooting complete:
cache cleared > rebuilt permissions
3. TAC troubleshooting: http://drupal.org/node/731850.
---------------------
will try complete uninstall / re-install tonight -- seems i've done that tho :(
Comment #10
CobraMP commentedCompletely uninstalled tac, verified tables were gone. Just upgraded entire site to 6.20 and all modules to latest. Still get mod forums listed just as before.
Comment #11
xjmAlright, I tested again using exactly your forum vocabulary with the same versions of TAC, core, AF, and author pane and the same permissions configuration. I am still not getting the behavior in your screenshots. What I see instead is in the attached screenshots.
However, I can get the behavior in your screenshots if I grant the authenticated role list permissions for the moderator forum terms (with V/U/D still set to Deny).
So, the next thing I'd suggest is to double-check that the authenticated role has List unchecked for all the moderator forum terms. It is in your screenshot, but best to make sure.
If List is indeed unchecked, then that leads me to suspect another module is interfering with TAC's
hook_db_rewrite_sql(). Troubleshooting to try (hopefully you have a non-production version of the site available):Comment #12
xjmComment #13
CobraMP commentedyikes. finally got my local test site working...
de-activated and uninstalled everything except: Forum, Comment, Taxonomy and TAC
changed to garland theme
removed all roles accept anonymous & authenticated
cleared cache, uninstalled TAC and re-installed it -- still viewable (see attached)
Further testing:
created a new forum and can't block it
created new container and can't block it
removed grant permissions to mods role but they can still see and access them
------------------
installed forum access and was able to block but afraid to use both modules at the same time as there are other taxonomies besides these forums that I block.
Comment #14
xjmAnd you're quite certain no role other than the moderator role had List permissions for any of these forums or container terms? I'm completely baffled, because I can't duplicate this on my local test install using the same everything. The restricted forums disappear when I uncheck List for the authenticated user role for those terms, and reappear if I recheck it.
Last shots in the dark:
How list permissions work
Since I can't reproduce the problem, I'll try to explain how the list permissions work so that you (or anyone else who has this problem) might be able to troubleshoot it and find out what's causing the bugged behavior.
The bit of TAC that should hide these forums from unauthenticated users is in the module's hook_db_rewrite_sql(). Any query that includes taxonomy terms gets a WHERE clause added that restricts the terms it can select to those for which the authenticated user has List permissions.
Authenticated user
See attached screenshots 1 and 2.
When I view the forum page as my test user (who has no role other than authenticated, and no list permissions for the moderator forum terms), these are the queries that I see in the devel query log:
This query selects a list of all the terms and vocabularies for which the authenticated role (
tgd.rid IN (2)) has list permissions. The results of this query add a WHERE clause to the next query in taxonomy_get_tree():So, when the forum module requests a taxonomy tree for my forum vocabulary (
t.vid = 6in my case), it selects only the term for the member forums (t.tid IN ('84')for me) and so the other forums aren't rendered.Moderator
See screenshots 3 and 4.
When I log in as my test moderator instead, these are the queries:
So it selects the allowed terms and vocabularies for roles 2 and 7, my moderator role (
tdg.rid IN (2,7)), and as a result more terms are added to the where clause for the query in taxonomy_get_tree():So this time the terms for the member forum, moderator container, and two moderator subforums are all included in the where clause (
t.tid IN ('84','88','89','90')), and the forums are rendered.I know this is probably more than you ever wanted to know about TAC's internals, but since I don't see this bug I'm not sure what else to suggest.
Comment #15
xjm