Needs review
Project:
Organic Groups create permissions
Version:
7.x-1.x-dev
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Issue tags:
Reporter:
Created:
15 Apr 2011 at 09:19 UTC
Updated:
23 Jan 2013 at 11:39 UTC
Jump to comment: Most recent file
Comments
Comment #1
enrico200165 commentedtypo, subject should have read "Attempt to post to an illegal group"
The book page whose group I try to change has been created by user1, not by the Drupal administrative user (and group creator and administrator) I use when unsuccessfully trying to change the group of the book page
Comment #2
mightaswell commentedsame here. only seems to happen on books.
-- edit: This is happening on custom content types that are group types as well.
Comment #3
Vilas Boas commentedHi
I'm also getting the same error when trying to post an existent article on a public group.
Comment #4
theullrich commentedi am having the same trouble. anyone found a solution yet? i have went back through all the settings i have twice cant find what might be causing it. this seems like such an awesome module.
-update-
tried reinstalling views, panals, og, og-permision, and entity api. No change.
Comment #5
theullrich commentedFinally had to do a reinstall. I could not trouble shoot the error after several hours of trying to figure it out. Still using the same everything so idk what the problem was but it is working now. If someone else wants to try and fix this i have the old site still that i can send just message me.
Comment #6
amitaibu@theullrich ,
If you can attach the db dump here, I can try to test it on my local.
Comment #7
theullrich commentedhere it is
Comment #8
theullrich commentedit happed again on a brand new website. any ideas?
i even tried to use the example group. Same result.
Comment #9
theullrich commentedhere is the db.
Comment #10
amitaibuI have imported the DB from #7. It seems you didn't run update.php and executed og-migrate plugins. I get no error message after running those.
Comment #11
theullrich commentedawesome i thought i did. i did not know i had to. i did not upgrade, i started with the dev.
Comment #12
nakins commentedI'm also having this issue. However, I started out with 7.0 and placed modules in the wrong folder. I also had the message about upgrading to 7.2. So, I deleted my 7.0 files, and dropped all the tables from my DB, and installed 7.2. I'm following the video from the Internet Archive and discovered the issue after creating a new content type called Group Articles, instead of making Article a group content type. After making the content type, I tried to "Add Content" and when I select the group to post it to, I get the error. I've tried to make articles a group content type as was done in the video and got the same error.
Is there a particular situation that generates this error, or is this error message a generic one that is displayed for a number of situations? I'm kind of stuck here. Please help.
Comment #13
theullrich commentedi would just uninstall the module if you can and install the dev.
Comment #14
nakins commentedI was able to avoid the errors I was getting by doing a complete, fresh install of Drupal and Organic Groups (along with modules required). The only thing that was different was CTools, as it was a newer version. I don't know if the issues was with CTools or not. I installed OG, CTools, Views, Panels, Entity API. I did not enable all options in these modules, except for OG. Specifically, I did not enable Entity Tokens. I basically set the module setting according to what is found in the video from Lewis Tech Web Design, except I enabled everything in OG. Maybe this will help someone else.
Comment #15
amitaibuI can't reproduce, and errors seems to come from people not upgrading from version to version properly, so setting correct status.
Comment #16
jungie71 commentedI know it is closed but I am still getting
"Attempt to post to an illegal group" error
and I have updated all... like everything... module, core and every other things but I still get that error
Can you at least tell me when this error might occur? other than when having outdated modules?
I am really new to drupal so I might be doing something really wrong...
It is kinda frustrating because I was working fine but suddenly it is giving me this error message.
sorry but please help me~!!
Comment #17
jungie71 commentedyea I have done everything i can to not get that error but I just can't...
I am getting that error message whatever I do now..
I can't even see which module is causing the trouble... I just know that there is something wrong with this right now
I am completely stuck
Help me please~!!
Changing the status
Comment #18
nakins commentedI had the same issue and I was using drupal 7.0. I started over with D 7.2 and there was a newer version Chaos tools or Entity, can't remember which. I think the problem is with these two modules. I would like to know what versions you, Amitaibu, and others are using to test on or develop with.
Comment #19
theullrich commentedplease post your db so Amitaibu and i can look at it.
Comment #20
jarush commentedI have the same error with the fresh install D7.4 & OG Rc3...
Comment #21
theullrich commentedFf you go to organic group field settings make sure that there is a tab user, and when you select that Groups audience is there.
Comment #22
Taxoman commentedChanging to Major if this is indeed also happening on D7.4 and OG RC3.
Comment #23
Taxoman commented#20/@jarush: please inform about which versions of cTools and Entity you had in that test environment.
(if -dev version(s), can you specify their date(s) too, please)
Comment #24
jarush commentedI have refresh installed all the modules(all are dev version, include og),,, and the error still there...
Comment #25
StephanieD commentedNew to OG, and getting this error. In debugging the og_create_perms.module, the function og_create_perms_field_attach_validate is validating that the user account is a member of the group, and sending this error if not.
The problem appears to be that the user account used is the one associated with the original creation of the node, not the user currently editing the node.
Not sure what the original intent was, but it would seem that if the current user has access to additional groups, and is able to edit the node, the current user should be able to save the node with changed groups.
I see the error where the user that created the node, uid 4, has access to gid 1 only. I am attempting to save the node with uid 1, which has access to gid 1, 2, 3. The above function is using uid 4 to check group access rather than uid 1.
Anyway, I did a small workaround by assigning the global $user to $account in the above function. Not sure what the full ramifications of that are, but I can save my content now!
Comment #26
amitaibu> og_create_perms.module
This is not an OG core module. please test without it, or report in the module's issue queue.
Comment #27
amitaibuAdding tag
Comment #28
amitaibuAs I have never reproduced this issue, and people don't send their DEV db, I keep it open for few more days, and after that I'll close it. If you want it fixed, please help fix it...
Comment #29
reecemarsland commentedDisabling og_create_perms did it for me. Obviously the issue is there.
Comment #30
amitaibuCorrect project
Comment #31
bjlewis2 commentedCheck this thread and test the code.
It is designed to only show groups that you are allowed to create content in in the groups audience field when you are creating content. *wow, long sentence* I think this would prevent the "illegal group" error because you wouldn't be able to choose an "illegal group" in the first place.
http://drupal.org/node/1139180
Comment #32
isampo commentedAlso bumped into same issue that's on #25.
Is there some reason why the user is loaded from the node object in the first place?
Anyway, here's mini-patch with the same solution StephanieD ended up with.
Comment #33
mrfelton commentedHere is the same patch again, but I think you should be loading the user object with user_load rather than assigning the global user variable to $account.
Comment #34
mrfelton commentedComment #35
mrfelton commentedAlso, this validation should only be performed when creating new content, not when editing it. Otherwise, users with the permission to edit content within their own group (permissions provided by og module) get overriden by this module and they get denied permission with the 'Attempt to post to an illegal group' message. This module should only handle the permissions for creating content, Revised patch attached.
Comment #36
mrfelton commentedAlso, I think this needs to respect OG's og_node_access_strict setting. Otherwise, you can't post to your own group unless you are a member of it.
Comment #37
ruess commentedThanks to those who patched this!
Comment #38
guillaumev commentedcan confirm the patch in #35 fixes the issue.
Comment #39
davvid commentedWith patch #35 applied I can edit existing content (and change group) but I can't create new one. Any idea why?
Comment #40
lex0r commentedYou need to ensure that account you use to post a new node is a member of that group. Otherwise you are not allowed to post content, even if you are the admin (uid 1) .
Comment #41
lex0r commentedThe patch from #35 is not quite ok. The validation should happen not based on node state (new/old) but in dependence of who is editing it. If editor has the right to post to a group he can move that node to that group, and only to that group. The patch however doesn't respect this rule and allows non-members to post to a group. This is definitely a bug. I made a patch that fixes that. It only differs in one check removed from the main validation condition.
Also, I put this case into critical to attract more attention since those who use the first patch have a security hole...