Force node access rules on admins
agentrickard - October 26, 2009 - 21:27
| Project: | Domain Access |
| Version: | 6.x-2.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed |
Description
I just thought of how to accomplish this today, and wonder if we should bother.
We could have an advanced setting that says "Force node access rules on admins" and, if set, we would run db_rewrite_sql() for user 1 and users with 'administer nodes' (only).
Thoughts?
#1
Here's a patch. I think this will lessen support requests considerably.
#2
Better patch.
#3
Seems like a good idea - can sometimes be confusing for the admins today when it's not enforced
#4
The only issue is that I am only enforcing DA rules, so if you have two access control modules, it isn't perfect.
#5
is the patch designed for 6.x-2.x-dev only? It appears to apply against my 6.x-2.0-rc9 installation (no other access control module), but then user 1 can still access any node from any domain... I think that an advanced setting option would be useful, as under some circumstances the current behaviour might be desirable (e.g.: monitoring activities across domains).
[domain]# patch < 615294-enforce_0.patchpatching file domain.admin.inc
patching file domain.module
Hunk #1 succeeded at 2086 (offset -172 lines).
#6
It should work for user 1. There is a configuration option you have to toggle.
The setting is right under 'debug mode' in the form.
#7
Got it, and it's working fine for me. I guess that for new installations the setting would default to "Restrict node views for administrator", so to reduce support request.
#8
No, it defaults to FALSE, since this alters core behavior. The documentation will indicate how to enable it.
#9
Committed to HEAD.
#10
D5 version.
#11
Committed to D5.
#12
Automatically closed -- issue fixed for 2 weeks with no activity.