This module is very nice but it does not respect Group (Organic Groups) content access permissions. If I create content to be accessible only for a specific user group it shows up in the archive list even when a user who isn't a member of that group is logged in and also when a visitor (non-authenticated user) is browsing the list.

I hope there will be a fix for this.

CommentFileSizeAuthor
#2 contrib-4-7.archive.junyor.patch1.48 KBjunyor

Comments

junyor’s picture

junyor commented

The same thing happens with the taxonomy_access module.

junyor’s picture

junyor commented
Priority: Normal » Critical
StatusFileSize
new contrib-4-7.archive.junyor.patch1.48 KB

Here's a patch for 4.7. The _archive_query() function didn't use db_rewrite_sql().

junyor’s picture

junyor commented
Status: Active » Needs review

By the way, this patch also fixes a problem where the pager wasn't working.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Needs review » Fixed

_archive_query() does not run any queries anyway, the db_rewrite_query() should be added where it is used. I have done that now in the 5.x branch.

I don't know what "other pager problem" you are talking about, maybe you can elaborate?

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)