Closed (fixed)
Project:
Drupal core
Version:
7.x-dev
Component:
field system
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Issue tags:
Reporter:
Created:
7 Oct 2009 at 03:39 UTC
Updated:
3 Jan 2014 at 00:29 UTC
Jump to comment: Most recent, Most recent file
Comments
Comment #1
yched commentedNot where I can submit a patch myself, but +1 on principle.
Comment #2
moshe weitzman commentedHas to happen before release in order to give upgrade path for many sites. Marking as critical
Comment #3
markus_petrux commentedPatch attached.
In D6, we're using the $node. In D7, we're using $obj_type and $object. Both methods should provide the same feature.
Comment #4
bjaspan commentedWhy is $object optional but $obj_type is not? For that matter, when will you call field_access() without an object available, e.g. why should it be optional at all?
Comment #5
markus_petrux commentedIn Views for D6, content_access() is used as an access callback for fields exposed to Views (by CCK). This is used by Views to see if the field can be included or it should be discarded while building the query. Here, we do not have a node, but we know this use of content_access() involves a node. If it was Fields in D7, we could tell Views the $obj_type argument (the nature of the field exposed to views is known), but not the $object argument.
Any other place where content_access() is invoked includes the node, so it could include $obj_type and $object. But in Views, this is not possible because the access callback of the field does not have nodes yet.
I tried to describe this in the CCK issue, but also in the hook_field_access() implementation of CCK Private Fields (link). I guess this situation will still remain in D7.
Comment #6
markus_petrux commentedRelated issues:
- #501404: Field Permissions in Core
- #598924: Port of Field Permissions to D7
Comment #7
sun1) If it's optional, then it should use a default of NULL in the signature, just like in field_access() itself.
2) Is this the natural order of arguments? All other *_access() functions we have take $account right after the primary object/condition to check.
That said, and taking #593522: Upgrade drupal_alter() into account, wouldn't it make sense to pass a $context (which here would contain $obj_type and $object) ?
This review is powered by Dreditor.
Comment #8
bjaspan commentedre #7:
1. Optional arguments are syntactic sugar, only useful to external API callers. field_access() may have optional arguments, but hook_field_access() will always be invoked with all of its arguments (though $object may be NULL). Thus, the hook argument should not be optional. This is consistent with other Field API hooks.
2. I had the same question, except I was wondering if $obj_type and $object should be first (before $field even) to be consistent with other Field API functions. I decided since I wasn't sure what was right it wasn't a big enough deal to bikeshed. :-)
Not sure what I think about passing $context. I note that field_attach_load() accepts $options.
Comment #9
sunI just looked into field.module and field.attach.inc once again, and indeed, almost all field functions take $obj_type, $object as first arguments. So we should definitely do as well here for DX++
Let's skip that $context idea... probably only makes sense for drupal_alter() and related stuff.
Comment #10
markus_petrux commentedFood for thought: note how this is used as an access callback argument is Views fields (D6 snippet of CCK):
In D7, in the contrib module that implements Views integration, it could do:
That's the reason why I opted for ordering the arguments that way.
If we use $context, it could look like this:
Views is the only context where $object would be optional. The rest of the places where content_access() is invoked by CCK in D6 comes with the $node, so I think this is equal for D7.
Then, if we use $context, we could use it also to pass the $account?
Thoughts? Do we go for $context with members for 'obj_type', 'object', 'account'? Is the patch ok as it is?
[EDIT] Oops! it seems I was writing my follow up while sun already replied.
Comment #11
markus_petrux commentedBTW, note that $object is optional, so it should be after $field.
It think the correct prototype would be field_access($op, $field, $obj_type, $object = NULL, $account = NULL), which is what the patch in #3 uses.
Comment #12
bjaspan commentedThis discussion has resolved my concerns about the argument order, and answered the question about why $obj_type is mandatory but $object is not.
Comment #13
dries commentedLooks good. Useful and harmless to pass around some extra information. Committed to CVS HEAD!