Do not expose feed when user has no permission to view it

Why a critical feature request? It was never possible before in commentrss to enable without exposing the feed. I also don't understand why would we do any content type level settings, when you can just disable commenting on certain content types, and no comment feeds will ever appear there as a consequence. If you have commenting on, why not expose the feed again?

I just started using commentrss, so my frame of reference is not what was previously available.

Here is the problem I saw: I wanted to enable the feeds, but not expose them on the front page, because the front page is the only page that has anonymous access and I don't want to show there any link that requires authentication. There is no way to control whether the feed is exposed on the front page. This is the critical part.

As I thought of the enable/expose options, it seemed to me that it would be useful to be able to select which feeds are exposed, and where. My suggestions may not be perfect, but my hope was to get people thinking in this direction.

akawala: the feed exposure should only work, if the user has access comments permission, in which case the feed would not require authentication, so the feed does not go against your thinking of not including links to authenticated content. The feed will not require authentication.

OMG, I see the feed links are included even if there is no 'access comments' permission on the given role. This is not good. Should be fixed. That should alleviate your concerns on exposed authentication required feeds.

I've applied these two patches to Drupal 6.x-2.x and Drupal 5.x-2.x branches of the module. These should result in not including the reference to the comment RSS feed when the user does not have permission to view those feeds. Only if there is a permission will the feeds be displayed. I hope this solves your problem with showing feeds for unprivileged users.

Automatically closed -- issue fixed for two weeks with no activity.