I am trying to limit the nodes that can be referenced on a case by case basis using the views allowed values feature of nodereference.

When I manually enter the url for node creation with an nid that is not allowed, I am still able to fill out and submit the node, but the nodereference field is empty.

I am considering this a bug, as it does not follow the expected behavior (does not honor the field's allowed values).

Comments

RoboPhred’s picture

Title: Use "nid missing" behavior if nid is not in allowed values » NodeReference URL does not honor content_access permissions

Turns out the issue was that I had forgotten to set the content_access perm to allow the field to be edited.

The issue is solved for my specific case, but this still can be considered a bug.
Since the nid can never be accepted, it can never be valid, so the nid-missing action should still be taken.

quicksketch’s picture

Category: bug » support
Status: Active » Fixed

I think this was fixed in #534112: Incorrect permission checks for certain content types, which corrected the link being shown even if the user did not have access to create nodes of a certain type as reported by the node access system.

Since the nid can never be accepted, it can never be valid, so the nid-missing action should still be taken.

It looks like everything is operating properly. When using the Content Access module, even required fields are not required to be filled out if the user does not have access to the field.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.