Restrict node access by versioncontrol_project too
| Project: | Project |
| Version: | 5.x-1.x-dev |
| Component: | Projects |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | needs review |
Jump to:
project_project_access() in project.inc can restrict project creation for users that don't have a CVS account. This is configured in cvs.module, but needs to be in here because node_access() doesn't provide the necessary hooks for cvs.module to accomplish this by itself.
Of course, versioncontrol_project also needs to have this check (we don't want any regressions, right?) so I added the same option there. As it doesn't depend on Project*, it can't rely on this check being done, so for the general case a validation failure prevents new projects being created for users without accounts. But that's not a nice solution really, so in addition to this check I'd like to have a snippet like the attached one in modules that provide project node types which are likely to be used with the Version Control API. First and foremost, this includes project.inc.
Also, I removed the check for $uid == 1, because as you can see in node_access(), hook_access() is never called for people with user_access('administer nodes').
Please review and, if applicable, apply.
| Attachment | Size |
|---|---|
| project-restrict-creation-versioncontrol.patch | 1.22 KB |

#1
I think we need a more elegant solution here than a module-specific check.