Closed (fixed)
Project:
Token authentication
Version:
7.x-1.x-dev
Component:
Code
Priority:
Normal
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
13 Apr 2012 at 22:43 UTC
Updated:
9 May 2012 at 06:00 UTC
Install tokenauth, but don't give permissions to use it. Attempt to use tokenauth to view a page (in my case, a node page). Result is a PHP memory limit error and WSOD.
Comments
Comment #1
Grayside commentedPer the API directive ,
In this situation we are not trying to deny access in a page callback, but in the middle of the page's menu item loading pipeline. At that point, it seems necessary to use drupal_access_denied(). Unfortunately, if you follow-up how that function works, you find drupal_deliver_page() called without an argument specified for the second parameter, which results in menu_get_item() being run for the same page, again. Sadly, this creates a recursion.
Rather than use a crude hack (e.g., static variable to detect if tokenauth logic was previously checked), I am dropping drupal_access_denied(), and instead manipulating the menu item. After all, the point of hook_menu_get_item_alter() is allow real-time transformation of the menu router information, which includes the access callback--or setting access explicitly to TRUE or FALSE.
http://drupalcode.org/project/tokenauth.git/commit/1b2dd36