If I give "authenticated" and "anonymous" users the ability to view a page in nodeaccess by checking off the respective boxes and then go create a node of that type, everything works perfectly and these two roles have access to view.
HOWEVER, IF only the "authenticated" user box is checked off in the "Allowed Roles" area, and I go to the node I just created and edit it to allow access to a specific user (doesn't matter who), all "anonymous" users are denied access to that page. Basically, any role that isn't listed on that node (not checked off in the "Allowed Roles" area) is denied access the the node completely once you grant a specific user access to the page.
How I think it should work is that even if you decide to not "allow" a role to be listed on a page, it shouldn't assume that I also don't want that role to have access to view the page any longer.
I can elaborate on this if this doesn't make sense.
Comments
Comment #1
pcorbett commentedIn other words, if an "Allowed Roles" role isn't checked, it won't show up on the node grant page, AND that role will not have access to that node AT ALL once an individual user is GRANTed access to that node.
Comment #2
mantyla commentedThis was a known problem in the development version, and it is now fixed. Whenever the grant tab was saved before, all roles that were not allowed would lose their grants. There is now a preserve setting, on by default, that prevents this, and all roles whether allowed or not keep their settings. Don't get too used to having that setting though - I could never come up with a use case that would require it to be off, so in future versions it will be permanently on, and hidden permissions never disappear.