Invaluable module! An unfortunate issue has come up as a result of using nodeaccess, though.

node.module will generate a preview when a node is edited only if the user is allowed to create or update the node:

function node_preview($node) {
  if (node_access('create', $node) || node_access('update', $node)) {
...

I figure it's probably a bad idea to remove this if statement; what additional test can I add to allow a user/role with a nodeaccess update grant to preview the node?

Comments

Anonymous’s picture

Status: Active » Postponed (maintainer needs more info)

I don't think I really understand this comment. If someone has edit access, they can edit and preview a node. If they don't have edit access, they can't. Other than that I'm not really sure what you are asking.

mrtoner’s picture

Well, node_access() apparently returns True only if "Create Pages" or "Edit Own Pages" or "Administer Nodes" permissions are set. I could not get previews to display for roles granted Edit access (users other than administrators or the author) until I changed that line:

function node_preview($node) {
  if (TRUE) {
...
mantyla’s picture

Status: Postponed (maintainer needs more info) » Closed (fixed)

I can't imagine a scenario where this would happen. If you've reached the edit form, you must have already passed the node_access check. And node_access does take into account the node grants, unless it is a custom node type with its own access function which explicitly denies access under certain circumstances - that is the only sure way I know to truly deny access to a node type and ignore the node permissions completely.

There really isn't enough information here to go on, and since the issue is by now outdated, it can be closed.

mrtoner’s picture

Well, mantyla, the problem was not that the edit form was or wasn't being reached, but that node previews were not being generated for users with node grants. I'll not bother to re-open this issue, as it was originally against 4.7 and the workaround above solved it for my one customer using nodeaccess.