Currently Beans use exclusively its own permission system (via bean_access) to check if a user has permissions to view/edit a bean. With the changes to OG and the ability to assign blocks/beans to groups it would be nice if beans honored OG group assignments and only allowed users to edit blocks within their own groups.

Comments

indytechcook’s picture

Status: Active » Needs review
StatusFileSize
new536 bytes

Possible FIx. Please test

arithmetric’s picture

Title: Integrate with OG » Add hook for bean_access
Status: Needs review » Needs work

This approach isn't sufficient to provide group-specific permissions for editing beans. Instead, I think the best course is to add a hook in bean_access to allow other modules to influence the access decision (like hook_node_access in node_access).

The OG-related code could be separated in a submodule. It would use the bean access hook to return an access decision and an OG hook to provide group-level permissions for creating, editing, deleting beans.

indytechcook’s picture

Status: Needs work » Needs review
StatusFileSize
new2.16 KB

Try this patch with new hook_access

arithmetric’s picture

StatusFileSize
new3.49 KB

Awesome! Thanks for the patch indytechcook.

I've tested it, and made a few changes, including adding a new access callback function for the Bean add page (block/add).

arithmetric’s picture

Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.