Update cac_lite.module for the Drupal 5 access control architecture

This is related to some of the reports of cac_lite not working (see http://drupal.org/node/89825).
I was having the same problems as people report there, and created a patch to help, which
brings the module more into line with drupal 5 requirements.

This patch is primarily an attempt at fixing the issue of anonymous users not being able to access any content when cac_lite is enabled (under drupal 5).

I am new to the category module and cac_lite (using it only 3 evenings now). I am still in the process of deciding if the category module is for me, but decided to try and get cac_lite working to better assess it. As I am so new to things, please treat this patch carefully.

How the patch works:

It brings cac_lite closer to tac_lite in the following ways:

1. removes nodeapi stuff and moves the node_save code into the node_access_records hook. This hook passes on grants to the node module (i.e. cac_lite no longer manipulates the node_access table itself, but leaves it to the node module to do). This was needed as the node.module was wiping the changes cac_lite was making to the node_access table.

2. cac_lite_node_grants has been changed so that it no longer checks for "administer_cac_lite" user access. This is a downgrade of functionality, but was essentially the main block for the anonymous users. This ability could be added back by a quick node_access table lookup, but I will leave that for if I decide to start using category.

I hope anyone may find this patch useful.

Andrew

I'm working on a patch to keep cac_lite in sync with its sibling, tac_lite. And of course working on DRUPAL-5. Will follow up shortly.

Here's another patch which I think does the trick. I ask anyone who can to give it some testing.

I'm not sure what the issue is with anonymous users. Care to elaborate?

Now I see the issue regarding anonymous users - so never mind about that!

Forgot to mention... the patch in #3 will move the cac_lite settings forms to admin/user/access. There will still be a cac_lite tab on the user edit page.

after runing this patch I get the following error updating or creating a new container:

warning: implode() [function.implode]: Bad arguments. in W:\www\sites\all\modules\category\contrib\cac_lite\cac_lite.module on line 229.
user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT * FROM category_hierarchy WHERE cid=9 AND parent IN() in W:\www\includes\database.mysql.inc on line 172.

I haven't reproduced the problem, but I think I see what causes it, and here is a patch with some extra checking to avoid that case. Please report whether this fixes the problem. Thank you!

Regarding #7 and #8, perhaps it may be useful to add back to the cac_lite_node_access_records()
the check for cac_lite being configured (from pre 5.0 patched versions):

  if (!is_array($cnids) || !count($cnids)) {
        drupal_set_message(t('cac_lite module has been installed, but has not been configured.'));
        return $grants;
  }

Other from that, the patch(es) yogadex has work well for me, and look much cleaner.

Thanks for the testing. Here's a patch that displays the warning anaru mentioned.

I take it this is ready to be committed?

Thanks for the testing. Here's a patch that displays the warning anaru mentioned.

I take it this is ready to be committed?

I think it is certainly much better than what currently sits in the cvs head, so I would suggest
committing it.

Just committed the patch. Thanks all!

Hi,

Is this patch also applicable to 4.7.6?
If not can you please make it applicable?
Thanks in advance!

greetings,
Martijn

hi..i am using cac-lite..and doesnt work even for registered users..only webmaster can c all content..cld u pls put this up as a new version update ..so we can upgrade..Drupal 5.1
thanks :)

I have applied the patch provided and although it fixes the access problems seen, I get the error below, when submitting new or edited content: -

* warning: implode() [function.implode]: Bad arguments. in /data/www/drupal-5.1/modules/category/contrib/cac_lite/cac_lite.module on line 229.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT * FROM category_hierarchy WHERE cid=8 AND parent IN() in /data/www/drupal-5.1/includes/database.mysql.inc on line 172.

Is there something I have done wrong?

I got same problem !! While I submit a content and i got a meesage "user warning: Unknown column 'Object' in 'field list' query: INSERT INTO term_node (nid, tid) VALUES (20, Object) in /home/nusblog/public_html/includes/database.mysql.inc on line 172."

Is there any patch works to fix it ?? I tried every patch that posted but nothing works correctly....
I guess the creator got a headache and run from the problem..

I just upgraded to 5.3, and seem to have the same problem, even though it's now November...

When I create new nodes, anonymous users can't see them. Also when I go to administer>cac_lite I get "sac_lite_admin_settings" instead of the list.

Finally, I find that some of my new nodes don't appear in the node table (though I can see them on the site if I'm logged in as admin.) and the new nodes have "all" instead of cac_lite in the node_access table.

From the looks of this thread, this is mostly stuff that was fixed back in February, so I'm completely stumped as to why my newly installed upgrade should be exhibiting it. Do I still need to apply the patches? Or is there something else going on?

Thanks for any help,

Ken

Okay, I just looked at the date on the official release, and realized that it was before the patches.

So I downloaded the snapshot, and installed that. It seems to have fixed the problem.

I should have checked the dates right away.

Oh well...

Thanks.

I installed the dev snapshot. Fixed the cac_lite errors. But I am still having an error with anon user being able to view the content. The don't get an access denied when viewing the category - anon can see the title, not any of the description or images. Any ideas?