image_create_node_from should return a readable error [#337032]

image_create_node_from does not return the exact reason of failure to the caller. it should return a human readable error so the caller can take appropriate action and report this error to the user.

see http://drupal.org/user/14594

also:

  if (!user_access('create images')) {
    return drupal_access_denied();
  }

should be

  if (!user_access('create images')) {
    return FALSE;
  }

Comment	File	Size	Author
#4	image_337032.patch	5.79 KB	drewish

Comments

Comment #1

egfrith commented 21 November 2008 at 10:02

This bug report relates to a discussion that bwynants and I are having in the image_pub issue queue at #270085: Port to Drupal 6.

The question is whether to create an image node using image_create_node_from() or something like this code, which uses the form api drupal_execute() function:

$form_state = array(); 
module_load_include('inc', 'node', 'node.pages');
$node = array('type' => 'image');
$form_state['values']['title'] = $caption;
$form_state['values']['uid'] = $user->uid;
$form_state['values']['name'] = $user->name;
$form_state['values']['body'] = $description;
$form_state['values']['op'] = t('Save');
$redirect_url = drupal_execute('image_node_form', $form_state, (object)$node);

The advantage of image_create_from() over using drupal_execute() is that we think the name of the image_create_node_form() function is less likely to change than the names of the fields in the image_form.

The disadvantages of image_create_from() versus using drupal_execute() are that:
1. image_create_from() does not return any information about the error (as mentioned in comment #1), and that
2. it does not appear to check the sizes of the images.

Comment #2

bwynants commented 25 November 2008 at 10:19

oops the link in the description should be http://drupal.org/node/270085#comment-1117755

Comment #3

olarin commented 18 December 2008 at 18:53

On a related note - pardon my ignorance here, but does image_create_node_from really need to check for user permissions at all? I ask because I'm trying to call it from a cron hook in a custom module I'm developing, and this is causing me a bit of a headache because it's not clear what user, if any, cron runs as; if I manually run cron then it has root permissions and all is well, but when cron runs automatically it generates access_denied errors. image_create_node_from is not a function that ever gets directly called by a user, and it seems to me that it would make more sense to be checking for proper user permissions outside this function, in whatever functions call it (image_attach_validate, for instance); that would make this function itself more flexible in how it can be used by other modules (for instance, in cron hooks...).

Comment #4

drewish commented 22 December 2008 at 22:03

Status:

Active

» Fixed

Status	File	Size
new	image_337032.patch	5.79 KB

you could make the argument either way about checking the permissions but i think bwynants is correct that it should return FALSE.

committing the attached to HEAD.

Comment #5

5 January 2009 at 22:10

Status:

Fixed

» Closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.

image_create_node_from should return a readable error

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

News items

Our community

Documentation

Drupal code base

Governance of community