This is a subissue of #1391216: Views integration for the 6.x-2.x and 7.x-1.x version.

Problem/Motivation

It should be possible to check for address access before a Views display is rendered. For example, if user A may not see any addresses of user B, he shouldn't have access to user's B address page either.

Steps to reproduce

  1. Create an address based View.
  2. Create a contextual filter for User ID.
  3. Create a page display with a path something like user/%/addresses2.

If you would finish here, users are able to view eachothers address listings, even if they shouldn't have access. At this point you have two options:

  1. Set display access restrictions by role or permission. The downside of this is that users may not be able to view their own address listing.
  2. Add an address access filter, to remove addresses from the Views results that the user may not see. The downside of this is that it doesn't work with pager and that the users still have access to the address listing page (though it would be empty for users with limited access).

This feature is a requirement for #1433034: Redesign the address book page using Views.

Proposed resolution

Implement a views access plugin that can check for address access based on the contextual filters (arguments) of the View. For a page display with a contextual filter for User ID, the access plugin would check if the current logged in user has access to any addresses of the representing user. For a page display with a contextual filter for address ID, the access plugin would check if the current logged in user has access to the single address.

As this access plugin will only work properly for path based displays, implement also a argument validator plugin. The argument validator would do the same: it would check if the current user has access to:

  • For User ID contextual filter: addresses of this user.
  • For Address ID contextual filter: this address.

The argument validator plugin can not replace the access plugin, because arguments are only validated when someone tries to access the display (e.g. navigates to the page) and not when a link to the page is used in a menu.

Remaining tasks

  • Implement a views access plugin.
  • Implement a argument validator for checking address access based on an User ID.
  • Implement a argument validator for checking address access based on an Address ID.
  • Write tests.

User interface changes

New options in address based Views.

API changes

None.

I'm working on it.

CommentFileSizeAuthor
#6 uc_addresses6-views-display-access-restrictions-1942746-6.patch51.03 KBmegachriz
#4 uc_addresses6-views-display-access-restrictions-1942746-4.patch51.12 KBmegachriz
#2 uc_addresses7-views-display-access-restrictions-1942746-2.patch39.34 KBmegachriz
#1 uc_addresses7-views-display-access-restrictions-1942746-1.patch38.94 KBmegachriz

Comments

megachriz’s picture

megachriz
Primary language Dutch
commented
Status: Active » Needs review
StatusFileSize
new uc_addresses7-views-display-access-restrictions-1942746-1.patch38.94 KB

This patch implements three Views plugins:

  • An access plugin.
  • Two argument validator plugins.

It also has automated tests to test if the plugins work as expected.

See the "Proposed resolution" in the issue summary for more information.

megachriz’s picture

megachriz
Primary language Dutch
commented
StatusFileSize
new uc_addresses7-views-display-access-restrictions-1942746-2.patch39.34 KB

A re-roll of #1 + minor changes. I have also tested pieces not covered by the automated tests: I've tested if the default user validations in the argument validator 'User: address access' still work and they work.

If this passes tests, then I think it's ready for commitment!

megachriz’s picture

megachriz
Primary language Dutch
commented
Version: 7.x-1.x-dev » 6.x-2.x-dev
Status: Needs review » Patch (to be ported)

Committed #2.

Moving to 6.x-2.x.

megachriz’s picture

megachriz
Primary language Dutch
commented
Status: Patch (to be ported) » Needs review
StatusFileSize
new uc_addresses6-views-display-access-restrictions-1942746-4.patch51.12 KB

Patch for the 6.x-2.x version. It was quite a challenge to write the argument validator plugins in a way that they work with both Views 6.x-2.x and Views 6.x-3.x, but I think it succeed. Let's look if the testbot agrees. Since the testbot only will test against Views 6.x-2.x, I will perform tests locally against Views 6.x-3.x.

Status: Needs review » Needs work

The last submitted patch, uc_addresses6-views-display-access-restrictions-1942746-4.patch, failed testing.

megachriz’s picture

megachriz
Primary language Dutch
commented
Status: Needs work » Needs review
StatusFileSize
new uc_addresses6-views-display-access-restrictions-1942746-6.patch51.03 KB

Yeah, the parent for the argument validator "uc_addresses_user_address_access" isn't set right. This should not be the class name, but the name the parent argument validator is registered to Views, which in this case is "user" (see user_views_plugins() in views/modules/user.views.inc).
I had that one right earlier, but I accidentally had removed it when working on other issues.

New patch should go better.

megachriz’s picture

megachriz
Primary language Dutch
commented
Version: 6.x-2.x-dev » 7.x-1.x-dev
Status: Needs review » Fixed

Committed #6 with minimal changes. I tested manually if the default user validations in the argument validator 'User: address access' still worked. For Views 2, the restrict by role didn't work, so I fixed that (I forgot to set the option "validate_user_restrict_roles" before letting the validator "views_plugin_argument_validate_user" validate the argument).
I also tested locally if the Views test passed with Views 3 and that was the case.

Setting version back to the one it was originally reported for and mark it as fixed.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.