Posted by sphankin on November 14, 2011 at 6:32pm
7 followers
| Project: | Webform Report |
| Version: | 7.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
I have installed the D7 version and when the module is activated, ALL the pages on the site say 'You are not authorized to access this page.' for everyone apart from the Admin...
Any ideas?
Comments
#1
Correction - this happens UNLESS the permission for 'accessing webform reports' is set for all to see.
#2
Sorry about that - you can probably comment out these lines in webform_report.module (106-113):
function webform_report_query_node_access_alter(QueryAlterableInterface $query) {
if (!user_access('access webform reports')) {
$wfr_and = db_and();
$wfr_and->condition('type', 'webform_report', '<>');
$query->condition($wfr_and);
}
}
I will look into it ASAP - still trying to get a handle on the D7 API :-(
#3
This hook has been removed for now.
#4
Thanks - that solved that problem however it now removes all node access rights and all the nodes become public?
#5
The Webform Reports are still protected by node access - a user must have permission to view or edit them.
#6
That's not the problem - sorry didn't explain it clearly.
When you enable the module ALL nodes that had some protection from node access (eg Basic Pages, Articles etc) become public - it appears like there is no restrictions on anything...
When you disable the module, all the protected pages become protected again.
Thanks
Sam
#7
Hello,
I'm the same problem. If I enable webform_report 7.x dev all content all restricted for admin. Anonym users only can read "access denied", if I disabled webform_report all content are accessible.
I comment all function webform_report_node_access($node, $op, $account) on webform_report.module and again all content are accessible again. I think that my accion isn't correct but I haven't any best idea.
Any suggestion?
Thanks
#8
Also having the same issue. With this module enabled, only admin can see nodes of any type. Disable it and permissions return to normal.
#9
The problem is caused by webform_report.module returning NODE_ACCESS_ALLOW for any content type in the webform_report_node_access hook.
I added a few lines that will only let Webform Report allow/deny it's own content type.
I'm attaching a patch.
Cheers!
#10
Thanks for the patch!
I would like to suggest some revisions - let's get the node type based on the example at:
http://api.drupal.org/api/drupal/modules--node--node.api.php/function/ho...
and return NODE_ACCESS_IGNORE at the bottom.
See what you think about the attached patch.
#11
That looks great! I was actually looking for a better way to find the node type :)
#12
I've pushed the updated patch - should be in the next 7.x-1.x-dev build.
#13
#14
Automatically closed -- issue fixed for 2 weeks with no activity.