Hi,
First of all I should say that this module is a really good idea;
I did find something a bit strange though... let me explain:

My website uses a buddylist but members are not required to be each others buddy.
Now user AA has these people as buddy: BB, CC, DD
And user BB has these people as buddy: DD, EE
And user FF has AA as buddy

When user AA adds a node but sets it private for only his buddies I would have expected these people could see the node: BB, CC, DD.
But this is not true, only FF will be able to see the node. Wouldn't it make more sense if it was the other way around?

I have tried to fork your module a bit to change this relation and it is not that hard to do:

function private_nodes_check_access($uid, $nid) {
...
$buddies = buddylist_get_buddies($uid);
if ($buddies[$user->uid]) {
  return true;
...
}

and 

function private_nodes_db_rewrite_sql($query, $primary_table, $primary_field, $args){
...
if($user->uid){
  if (module_exists('buddylist'))
    {
      $return['where'] = "(pn.nid is null OR {$primary_table}.uid=".$user->uid." OR (pn.level=".PRIVATE_NODES_BUDDIES." AND {$primary_table}.uid IN (select uid from {buddylist} where buddy = ".$user->uid.")))";
    }
    else
    {
      $return['where'] = "(pn.nid is null OR {$primary_table}.uid=".$user->uid.")";
    }
...
}

So what do you think?

Comments

sterwa’s picture

sterwa commented

Hello,
than you for your fix (indeed the relationship seems much more meaningful now - I guess similar to that in livejournal). Although I am not sure I understand the second part of the code, it seems to work so far.