Posted by slb534 on June 26, 2008 at 3:24pm
Jump to:
| Project: | node privacy byrole |
| Version: | 5.x-1.1 |
| Component: | Code |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
Hello,
I have a page where the "View" permission is granted to "authenticated user". However, when one of my users logs in, he gets "Access Denied". I was able to correct the problem by granting "View" permission to his specific role, but, I thought that by having "authenticated user" this would automatically let *any* user view the page, regardless of the specific role they are in. Is this a bug? I was thinking that having "authenticated user" checked on, that this should override the fact that his specific role hadn't been checked on. But, someone please let me know if I misunderstood, and thanks for looking into this! :)
Comments
#1
If what you describe is reproducible, then that indeed sounds like a bug. It'll be a couple days before I can get to it.
#2
I'm not able to reproduce your problem so far on 6.x.
The first is the Administer > User management > Permissions screen. The second is the node, but this is generally how the permissions are expected to behave:
access content & view: ok
!access content & view: denied
access content & !view: denied
!access content & !view: denied
One example of a the minimum permission mix you could have is to give the leave authenticated without access content permission, grant it to the test role, and then grant the node authenticated user view permission. The goal is for the combination of permissions to total having both access content and view in some way.
Is there any more detail on the roles for that user you could reveal related to global access content and the node view permissions?
#3
Also unable to reproduce this problem. Granting for Authenticated User is producing expected results.
#4
Automatically closed -- issue fixed for 2 weeks with no activity.