I set up a new role that is given permission to view premium content. This role is granted per page if the visitor is referred to the site from Google. It is added to any user, anonymous or previously registered.

I want to grant them permission to view premium content so it acts as a Google First Click Free method - see http://www.google.com/support/news_pub/bin/answer.py?hl=en-GB&answer=40543

However, the nopremium_access_full_content function does not account for roles that were added dynamically. This can be fixed by adding a TRUE parameter to the user_access function.

If the return function is changed to :

  return user_access('administer nodes', $account)
    || user_access('view full '. $node->type .' premium content', $account, TRUE)
    || node_access('update', $node, $account)
    || $account->uid && ($account->uid == $node->uid);

This will solve this issue.

CommentFileSizeAuthor
#3 nop.patch555 bytesdrupalgideon

Comments

anrikun’s picture

Status: Active » Needs work

Thanks for the code but please turn this into a patch.
Also, what about the first call to user_access?

anrikun’s picture

Title: nopremium access full content check does not account for dynamically added roles » Add support for dynamically added user roles
drupalgideon’s picture

StatusFileSize
new555 bytes

This patch any good?

I don't know about the administer nodes permission for dynamically added roles - personally I would never give any user this permission, but would be good to hear other opinions.

Thanks.

anrikun’s picture

@SkidNCrashwell: thank you for the patch.

I think that this feature should only be available as an option, through a "Support dynamically added user roles" checkbox in settings. If this checkbox is left unchecked, nothing would change from the current behaviour.

I also think that resetting user_access should occur *before* the conditions are processed.

Thus letting this marked as "needs work".