Cloning does not respect ACLs
nmashruwala - December 20, 2008 - 03:05
| Project: | Node clone |
| Version: | 6.x-1.0-beta2 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | postponed (maintainer needs more info) |
Jump to:
Description
I expect that the clone of a node would have the same visibility and permissions behavior as the original node
Context:
Drupal 6.6
Book Access, Book Manager, Simple Access
Steps:
Create a page (P1) in a publicly visible book (in browser 1 aka B1) by clicking Add child page
Check that it is visible to anonymous users using browser 2 aka B2
Clone P1, edit and save
Check that the cloned page is visible using B2
Move P1 and the clone to a protected book that only logged in users see
Check the visibility of P1 and the clone with B2
P1 will return an Access Denied; the clone displays normally
The clone should behave the same way the original does
#1
Drupal does not use an ACL per-say. I'm not familiar with the node access modules you reference, but the behavior does sound odd. Since clone is a very simple module and knows and does nothing about access controls, it seems more likely to be a bug in one of the other modules. I really am not in a position to help you debug this.