Jump to:
| Project: | Services |
| Version: | 6.x-2.x-dev |
| Component: | Code |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
Hello,
I have a question reguarding a commit that was done in may.
I am talking about:
http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/services/au...
I am not sure but it is possible that this commit is related to:
http://drupal.org/node/375021
Since the commit log does not indicate any issue number, I am not sure.
My question is:
Why do you force #key and #auth to false to search.users, search.nodes and search.content ?
I understand why you force it to false for system.connect but not the others.
I have a drupal install which is closed to the public. Anonymous users cannot search content nor access profiles.
Because this commit forces these functions to no auth, that means it uses the anonymous credentials.
Searching users using search.users returns always empty results because anonymous users cannot access profiles in my drupal website.
We do not want to allow anonymous users to access profiles just for the search.users service call to work.
What do you propose?
Comments
#1
This is because the search service under 6.0.13 had keys set as false, and the setting simply got ported to the new decoupled authenication.
I agree that it is strange and unless anyone speaks up otherwise I'll remove this setting in a weeks time.
#2
Little bit late but committed
#3
Automatically closed -- issue fixed for 2 weeks with no activity.