Posted by roychri on September 14, 2009 at 6:38pm
| Project: | Node Blocks |
| Version: | 6.x-1.2 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | tom_o_t |
| Status: | closed (fixed) |
Issue Summary
I created a site where only the authenticated users could see the content of the nodes.
Using the nodeblock module I saw that anonymous users could still see the content of the block and node.
So this means that this module does not verify that the current user have permission to see the content of the node.
Steps to reproduce:
- create a new content type and configure it to be a nodeblock type.
- Create a new node from that content type
- Assign your node to a region (using the admin/build/block page)
- change the permissions so that only authenticated users can access content.
- Logout
- Expected Behavior: Not able to see the node you created
Comments
#1
Here is my proposed patch.
#2
I can reproduce this. I'll check with Roger, but most likely will roll this patch next time I'm working on the module.
#3
#4
Committed. Should be in head in next few hours.
#5
Automatically closed -- issue fixed for 2 weeks with no activity.